com 


Judging  the  new  HP  Customers  still  are  not  sold, 

even  a  year  after  the  HP/Compaq  merger.  PAGE  1 8. 


Web  services  helper  The  next  version  of  the 

UDDI  protocol  will  feature  improved  security,  policy  controls.  PAGE  29. 
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Privacy 
concerns 
dog  initial 
RFID  plans 

■  BY  ANN  BEDNARZ 

Philips  Electronics  made  a 
splash  last  month  when  it  an¬ 
nounced  clothing  retailer  Ben¬ 
etton  would  outfit  its  garments 
and  shipping  containers  with 
wireless-enabled  labels  contain¬ 
ing  microchip  transmitters  that 
Philips  developed. 

But  the  splash  turned  into  a 
tidal  wave  of  negative  publicity 
as  privacy  groups  raised  fears 
that  the  transmitter  would  let 
the  retailer  identify  and  track 
customers. 

One  consumer  advocacy  group 
called  for  a  boycott  of  Benetton, 
saying  sensors  hidden  in  the  re¬ 
tailers  clothing  could  be  used  to 
create  a  global  surveillance  net¬ 
work.  Another  privacy  advocacy 
firm  started  a  campaign  aimed  at 
stopping  retailers  from  selling 
consumer  goods  containing  live 
tracking  devices. 

The  backlash  was  enough  to 
cause  Benetton  to  retreat  from  its 
commitment  to  the  technology 
in  question:  radio  frequency 
identification  (RFID). 

With  RFID,  the  signals  that  trans¬ 
mitters  emit  are  picked  up  by 
strategically  located  sensors, 
which  extract  item-identification 
See  RFID,  page  93 


Showtime 
for  VoIP, 
security 


■  BY  PHIL  HOCHMUTH  AND 
TIM  GREENE 

LAS  VEGAS  —  3Com  and  Cisco 
will  marshal  a  parade  of  IP  tele 
phony  vendors 
pitching  new 
wares  this  week 
at  NetWorldn- 
Interop  as  the 
industry  moves  to  make  enter¬ 
prise  voice  over  IP  more  scalable 
and  IP  phones  more  mobile. 

Security  hardware  makers  also 
will  be  prominent  as  they  debut 
gear  upgraded  for  detecting  and 
reacting  to.  network  intrusions, 
and  roll  out  Secure  Sockets  Layer 
(SSL)-based  products  designed 


NETWPRLD 
+  INTEROP 


to  ease  deployment  of  VPNs. 

With  about  275  exhibitors 
scheduled,  this  week’s  N+I  —  the 
only  Interop  in  the  U.S.  this  year 
—  will  be  about  half  the  size  of 
last  year’s  Las 
Vegas  show,  which 
was  half  the  size  of 
the  2001  show. 
Nevertheless,  inter¬ 
est  in  VoIR  Wi-Fi  and  VPN  infra¬ 
structure  products  is  expected  to 
be  strong. 

Among  the  announcements: 

•  3Com,  with  its  Voice  Core 
Exchange  V7000,  wants  to  enter 
the  large-scale  VoIP  product 
market. 

See  Interop,  page  14 
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All  for  one  and  one  for  all  saves  money 


■  BY  ANN  BEDNARZ 

Getting  rid  of  a  $4.5  million  ERP 
system  gone  awry  was  supposed 


to  be  the  first  problem  Robert 
Moon  solved  when  he  joined  dis¬ 
play  products  manufacturer  View¬ 
Sonic  as  vice  president  of  infor¬ 
mation  service.  But  instead  of  re¬ 
placing  the  company’s  troubled 
ERP  system,  Moon  revived  it. 

Moon  arrived  at  ViewSonic  in 
early  2001  to  find  an  array  of  heav¬ 
ily  customized  Oracle  applica- 
tions.The  Walnut,  Calif.,  company 
was  running  separate  “instances,” 
or  versions,  of  Oracle’s  financial 
software  in  each  of  its  three  re¬ 
gional  offices:  one  on  Version  10.7 


and  two  on  Version  1 1 .0.3. 

Each  office  also  had  distinct 
procedures  for  managing  ac¬ 
counts.  Different  offices  had  dif¬ 
ferent  methods  of  budgeting, 
recording  and  reporting  financial 
transactions. 

Reconciling  these  systems  to 
produce  quarterly  and  annual 
corporate  reports  was  a  manual 
chore  that  often  took  weeks  to 
accomplish.  It  was  enough  of  a 
nightmare  to  prompt  ViewSonic 
executives  to  consider  scrapping 
the  company’s  Oracle  investment 


altogether.  Until  Moon  came 
along. 

“1  pointed  out  it  was  not  the  soft¬ 
ware,  it  was  the  implementation 
that  had  been  done  incorrectly 
Moon  says.  So  the  company  spent 
$750,000  to  migrate  its  ERP  sys¬ 
tems  to  a  single,  customization- 
free  instance  of  Oracle  Hi  —  a 
move  that  now  is  saving  View¬ 
Sonic  millions  of  dollars  per  year 
in  personnel  and  systems  costs. 

ERP  instance-consolidation  pro¬ 
jects  such  as  the  one  ViewSonic 
See  ERP,  page  94 
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Interop, 

Labs 


Exclusive 

preview 


ILabs  tests  show  wireless 
security  not  fully  baked. 


More  Interop  news  inside 

•  Aprisma,  BMC,  Fluke  and  Smarts 

to  show  off  management  wares.  Page  12. 

•  New  Foundry  Biglron  MG8  Ethernet  switch 
supports  a  full  10G.  Page  14. 

•  Adtran  takes  aim  at  Cisco  with  VPN- 
enabled  routers.  Page  22. 

•  Sprint  emphasizes  customer  savings  with 
Frame  Relay  over  DSL  service  launch.  Page  37. 

•  A  round  up  of  remote-office  products,  such 
as  EmergeCore’s  IT-100  box,  debuting  at  the 
show.  Page  45. 


Fluke  OptiView 


Foundry 
Biglron  MG8 


Stay  on  top  of  all  the  latest  news  from  the 

show  at  www.nwfusion.com,  DocFinder:  5653, 
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Microsoft-  ' 

Windows  Server  2003 

Datacenter  Edition 


THE  WINDOWS  DATA  CENTER:  TODAY’S  LOW-COST, 
HIGH-PERFORMANCE  ANSWER  TO  COMPLEXITY. 

Decisions  about  your  data  center 
never  have  to  be  made  by  default  again. 
Introducing  the  proven  alternative  to 
UNIX:  The  Windows1*  Data  Center. 
Featuring  the  Unisys  ES7000  and  new 
Microsoft5  Windows  Server  2003,  it’s  a 
solution  that  brings  revolutionary  perfor¬ 
mance  and  low-cost  standardization  to 
the  enterprise  like  never  before. 

With  mainframe-like  integrity,  the 
ES7000  and  Windows  Server  2003  fully 
optimize  today’s  enterprise  data  center. 
It’s  no  wonder  nearly  50%  of  large  orga¬ 
nizations  are  standardizing  on  Windows 
operating  systems.1 

And  by  focusing  solely 
on  enabling  standardized, 
end-to-end  Windows  data 
centers,  Unisys  helps 
generate  staff  efficiencies, 
increase  agility  and  mitigate 
risks  — all  while  achieving 
greater  return  on  tech¬ 
nology  investment. 

So  if  you’ve  had  quite 
enough  of  your  inflexible 
data  center,  let  us  help  you  escape.  After 
all,  nobody  wants  to  be  on  the  wrong 
side  of  a  revolution. 


UNISYS 

ES7000 


FOR  MORE  INFORMATION 

Call  1-800-548-3443  or  visit 
WeHaveTheWayOut.com 


UNISYS 

Microsoft 


SUN  FIRE™  Y1280 

Enterprise-class  features  and 
aggressive  price  points,  so  you 
can  lower  the  cost  of  reliability. 


WHY  NOT  CUT  COSTS 
WITHOUT  CUTTING  CORNERS? 


SUN™  LX50 


SUN  FIRE  V480 


SUN  FIRE  V880 


It’s  simple,  really:  When  you  buy  commodity  hardware,  you  get 
commodity  features.  So  why  not  get  premium  features  for  the 
same  price?  With  a  line  of  servers  that  are  as  affordable  as 
they  are  powerful,  Sun  is  out  to  prove  once  again  that  you  can 
lower  costs  and  complexity  without  compromising  quality. 

Sun  has  an  entire  family  of  servers  built  to  deliver  enterprise- 
level  performance  and  reliability  at  highly  competitive  prices. 
Which  means  that  for  the  cost  of  an  alarmingly  mediocre  Wintel 
box,  you  can  get  an  ultra-reliable  Sun  server  ready  to  take  on  your 
most  mission-critical  tasks.  From  CRM  applications  to  e-mail 
and  Web  serving.  With  this  kind  of  bang  for  the  buck,  it’s  no  wonder 
Sun  has  remained  the  UNIX®  server  leader  every  year  since  1998? 


To  find  out  more  about  how  Sun  servers  can  deliver 
state-of-the-art  technology  at  state-of-the-economy  prices, 
visit  SUN.COM/WHYNOT 


We  make  the  net  work. 


'  Source:  I  DC  s  Worldwide  Quarterly  Server  Tracker,  February  2003.  Based  on  revenue  and  shipment  growth,  C  Y20O2,  all  OSs. 

©2003  Sun  Microsystems,  Inc.  All  rights  reserved.  Sun,  Sun  Microsystems,  the  Sun  logo,  Sun  Fire  and  Sun  StorEdge  are  trademarks  or  registered 
trademarks  ot  Sun  Microsystems,  Inc.  in  the  United  States  and  other  countries.  UNIX  is  a  registered  trademark  in  the  United  States  and  other  countries, 

exclusively  licensed  through  X/Open  Company,  Ltd. 
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News 

■  12  Management  vendors  to  focus  on  automation. 

■  14  Foundry  Networks  to  present  Gigabit  Mucho  Grande  switch. 

■  16  Microsoft  Windows  Server  2003  is  out . . .  and  so  is 

the  jury  on  adoption. 

■  16  Plumtree  improves  portal  offerings. 

■  18  Customer  unrest  continues  a  year  after  HP/Compaq  merger. 

■  93  RenewData  uncovers,  prevents  'smoking  guns.’ 

■  94  Is  ERP  consolidation  an  Oracle  phenomenon? 


Infrastructure  Net.Worker 


■  21  Grids  to  affect  network 
backbones. 

■  21  Unisys  to  release  data 
center  server. 

■  22  Ohio  State  University  adapts 
course  content  for  PDAs. 

■  22  Adtran  pumps  up  VPN 
support  in  low-end  routers. 

■  26  Kevin  Tolly:  The  Gigabit 
killer  app  is  within  vendors'  reach. 

Enterprise 

Applications 

■  29  Key  Web  services  protocol 
gets  help. 

■  29  First  Virtual  Communications 
blends  Web  and  videoconferencing. 

■  30  Staples  switches  Web  search 
tools. 

■  30  BMC  Software  looks  to  ease 
mainframe  management. 

■  32  Scott  Bradner:  Until 
the  ’Net  is  fast  enough? 

■  34  Special  Focus: 

Enterprise  applications:  Users  take 
open  source  for  a  spin. 


■  45  Remote-office  roundup. 

■  48  Toni  Kistner:  Work 
wherever,  however,  whatever. 

Technology  Update 

■  50  GMPLS  unifies  network 
layers. 

■  50  Steve  Blass:  Ask  Dr 

Internet. 

■  51  Mark  Gibbs:  Registry 
trivia  and  tools. 

■  51  Keith  Shaw:  Two  Palms 
now,  with  one  on  the  way. 

Opinions 

■  52  Editorial:  Using  your 
browser  for  security. 

■  53  Chuck  Yoke:  The  Zen  of 

technology  acquisition. 

■  53  Linda  Musthaler: 

Certifications  are  worth  it. 

■  98  BackSpin:  Scams  to 
scumware. 

■  98  'Net  Buzz:  Report  from 
the  file-swapping  front  doesn't  look 
good  for  free-music  fans. 


Service  Providers 

■  37  Sprint  rolls  out  Frame  Relay 
over  DSL  local  service. 


Management 

Strategies 


■  37  Lucent  looks  to  rekindle 
relationship  with  corporations 
through  partnerships. 

■  40  OpenReach  VPN  service 
embraces  wireless. 


■  73  Customized  collaboration:  A 
Navy  unit  replaces  an  outdated  data¬ 
base  with  a  Web-based  system  that 
gives  users  control  of  information. 


Page  51. 


■  42  Johna  Till  Johnson: 

Start-ups  making  strides  in  route 
management. 


The  Palm  Zire  71  slides 
to  reveal  an  embedded 
digital  camera. 


Buyer's 

GUIDE 

NAS  appliances  | 

Trends  in  the  world  of  network-attached  storage.  Page  55. 

Snap  Server  wins  our  test  of  open  source  NAS  appliances.  Page:  56. 


HP's  StorageWorks,  left,  takes  top 
honors  in  a  test  of  midrange 
Windows-powered  NAS  devices. 

Page  58. 


F6atUI*6:  ILab  engineers  cook  up  802.1X,  iSCSI  and  MPLS  tests.  Page  63. 
Review:  WatchGuard’s  new  firewall/VPN  takes  aim  at  the  high  end.  Page  69. 
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Interactive 

N+l  news 

If  you  can't  make  it  to  the  show  this  week,  stay  on  top  of  all  the  news 
you  need  at  our  Interop  breaking  news  page.  Heading  to  Sin  City?  Check 
out  our  unabridged  online  N+l  planner  to  see  which  keynote  addresses, 
events  and  seminars  you  can't  afford  to  miss.  On  the  go?  Download  it  to 
your  PDA  DocFinder  5653 

Forum:  MCI  under  Capelias 

Is  new  CEO  Michael  Capelias  a  miracle  worker  or  something  less?  What 
does  the  future  hold  for  his  company?  DocFinder:  5654 

Network-attached  storage  appliance 
Buyer's  Guide 

Get  a  complete  online  listing  of  all  vendors  and  products  from  this  week's 
Buyer's  Guide  on  page  55,  Use  our  online  guide  to  narrow  your  search 
according  to  feature,  or  use  our  Compare-o-matic  to  compare  products 
in  various  categories.  DocFinder:  5655 

Audio  primer:  Digital  rights  management 

Find  out  what  10  things  you  need  to  know  before  implementing  digital 
rights  management  in  your  company.  DocFinder.  4741 
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Columnists 

Compendium 

Microsoft  spider  reported  in  the  wild 
Fusion  Executive  Editor  Adam  Gaffin  says  a  Microsoft  spider  is 
making  its  rounds,  leaving  some  to  wonder  what  a  comparison 
between  Microsoft's  search  engine  and  the  Linux-driven  Google 
would  be  like.  DocFinder.  5656 

Multimedia  Exchange 

New  Windows  Media  9  Series  fun  pack 
Multimedia  Editor  Jason  Meserve  says  Windows  XP  Creativity 
Packs  are  loaded  with  fun  things,  including  the  ability  to 
append  the  track  information  for  the  current  selection  being 
played  in  Windows  Media  Player  into  your  blog  entry. 
DocFinder:  5657 

Small  Business  Tech 

Novell  woos  small  businesses 

James  Gaskin  examines  Small  Business  Suite  for  NetWare 
6.5  and  finds  it  full  of  new  features.  DocFinder  5658 

Digital  Domicile 

Invasion  of  the  killer  Bs 

Mike  Wolf  says  competition  between  802.11b  silicon  vendors 
has  resulted  in  a  drastic  decline  in  hardware  prices. 

DocFinder:  5659 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Bulk  e-mailers  look  to  shake  spam  stigma 

■  A  coalition  of  e-mail  service  providers  has  announced  plans  for 
registries  intended  to  separate  the  good  bulk  e-mailers  from  the 
spammers.  The  Email  Service  Provider  Coalition,  formed  by  the 
Network  Advertising  Initiative,  counts  among  its  members  30  com¬ 
panies  that  provide  outsourced  e-mail  services  or  Internet  advertis¬ 
ing  functions,  including  Doubleclick  and  Advertising.com.  The 
group  last  week  announced  the  blueprint  for  a  registry  standard 
that  would  include  a  certification  process  for  companies  sending 
out  bulk  e-mail.The  coalition  said  the  standard  would  be  launched 
in  six  to  nine  months. Vendors  that  pass  the  certification  would  get 
a  sort  of  seal  of  approval,  an  alternative  to  current  blacklists  and 
spam  filters  that  sometimes  ban  legitimate  e-mail  vendors,  said 
Hans  Brondmo,  senior  vice  president  for  strategy  for  Digital  Impact 
and  chairman  of  the  ESPC  technology  working  group.  High-volume 
e-mailers  would  get  a  score  similar  to  a  credit  rating,  based  on 
numbers  of  customer  complaints,  how  many  times  people  have  to 
unsubscribe  and  other  factors. 

Computer  virus  exploits  SARS  fears 

■  In  the  latest  example  of  computer  virus  writers  capitalizing  on  current  events,  an  e-mail 
worm  uses  fears  about  Severe  Acute  Respiratory  Syndrome  to  entice  users  to  open  a  file 
attachment,  which  infects  host  machines  and  helps  spread  the  virus  to  other  machines  on 
the  Internet.  The  worm,  W32/Coronex-A  (Coronex),  is  a  mass-mailer  worm  that  uses 
Microsoft  Outlook  to  send  copies  of  itself  to  unsuspecting  recipients, according  to  an  alert 
from  antivirus  company  Sophos.The  e-mail  can  carry  a  variety  of  subject  lines  and  mes¬ 
sages  relating  to  the  deadly  new  respiratory  illness.  Greetings  such  as  “SARS  Virus, "“1  need 
your  help,”  and  “deaths  virus,”  accompany  messages  containing  the  computer  virus, 
according  to  antivirus  software  company  Symantec.  When  opened,  the  attachment 
launches  the  virus,  displaying  a  pop-up  window  with  the  message  “corona  virus.” 

Tandberg  to  offer  WebEx  integration 

■  Tandberg  is  attempting  to  bring  together  Web  conferencing  and  videoconferencing 
with  a  new  development  deal  with  WebEx.  As  part  of  the  deal, Tandberg  will  build  in  the 
ability  for  its  Tandberg  Management  System  Scheduler  users  to  add  a  WebEx  confer¬ 
ence  as  part  of  an  overall  audio  and  videoconference  reservation.  TMS  automatically 
would  schedule  the  necessary  resources  with  the  WebEx  service.  Customers  would 
need  to  establish  and  pay  for  the  WebEx  account  separately.  Data  in  the  WebEx  piece  of 

COMPENDIUM 

The  Iraqi  view  on  routing 

Route rGod  once  again  scoops  the  technology  press  with  an  interview  with 
Mur  n tmed  Saeed  al  Sahaf  on  policy-based  routing:  “Your  packets  are  fragmented 
and  time  to  live  has  exceeded. ...  We  will  beat  your  packets  with  our  shoes  and 
roas  :>c-;r  conftgs  in  hell!"  Find  out  what  else  the  information  minister 
knou  s  at  www.nwfusion.com,  DocFinder:  5661. 
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heGood  Bad 


Help  is  on  the  way. 

The  title  of  the  old  Public  Enemy 
song  “911  is  a  Joke”  pretty 
much  has  summed  up  the 
level  of  access  to  the  911 
emergency  system  from  voice 
over-IP  service  providers  to 
date.  But  that's  starting  to 
change.  Big  VoIP  provider 
Vonage  has  announced  that 
its  customers  now  can  call 
911  in  an  emergency.  > 


Auspex  expiring. 

Auspex  Systems,  a  pioneer  in 
network-attached  storage, 
last  week  said  it  had 
filed  for  Chapter  11  liquidation. 

The  company  laid  off  all  but  27  employees, 
as  it  plans  to  continue  providing  customer  service 
while  it  looks  to  sell  its  assets,  including  intellectual  property. 
Auspex  started  up  in  1987. 


Fraud  alert  More  proof  that  the  Internet  isn't  all  fun  and  games.  The 
FBI  has  announced  that  a  new  Internet  Fraud  Complaint  Center  report  found  that 
the  center  referred  48,252  fraud  complaints  to  federal,  state  and/or  local  law 
enforcement  authorities  last  year,  triple  the  number  of  referrals  in  2001.  According 
to  the  report,  the  total  dollar  loss  from  all  referred  fraud  cases  was  $54  million, 
up  from  $17  million  in  2001. 


the  conference  will  be  available  to  phone  participants  with  Web  access  and  Tandberg 
video  endpoints  equipped  with  a  PC  or  the  company’s  DuoVideo  technology,  which  lets 
people  be  displayed  on  one  screen  and  data  on  a  second  screen. The  WebEx  features 
will  be  available  in  TMS  Scheduler  6.2,  and  is  due  out  later  this  quarter. 

‘Father  of  the  database’  dies  at  79 

■  Edgar  Codd,  who  is  credited  with  the  theoretical  development  of  relational  databas¬ 
es,  died  April  18  at  his  home  in  Florida.  He  was  79.  Codd,  a  mathematician,  devised  an 
approach  for  storing  data  in  tables  that  were  cross-referenced  and  could  be  presented 
to  the  user  in  a  variety  of  ways.  IBM,  for  whom  Codd  worked  in  the  1960s  and  70s, 
ignored  his  work  as  it  was  working  on  a  database  with  a  different  structure.  Finally  in 
1978,  IBM  built  a  product  that  used  Codds  theories.  However,  by  that  time  a  small  com¬ 
pany  called  Oracle  had  beaten  Big  Blue  to  the  punch  with  its  own  database  that  utilized 
Codd’s  published  works. 

Microsoft  pushes  back  release  of  Office  2003 

■  Responding  to  feedback  from  beta  testers,  Microsoft  plans  to  release  a  “refresh”  of 
Office  2003  beta  2  before  finalizing  the  product,  pushing  back  the  commercial  launch 
of  the  productivity  software  suite  until  the  third  quarter,  the  company  said  last  week.“We 
are  making  a  number  of  improvements  to  the  beta  2  version  of  the  Office  System  prod¬ 
ucts,”  a  Microsoft  spokesman  said. “There  are  no  major  issues  with  Office  2003,  but  the 
beta  has  allowed  the  Office  development  team  to  gather  feedback  about  some  minor 
issues  that  can  impact  customer  satisfaction.”  Microsoft  declined  to  detail  what  improve¬ 
ments  are  being  made  or  what  issues  the  beta  testers  found.  The  refreshed  version  is 
scheduled  to  be  released  later  this  quarter,  most  likely  on  Microsoft’s  Office  beta  Web 
site,  the  spokesman  said.  Microsoft  had  intended  to  release  the  product  in  June. 

SEC  questions  Riverstone  accounting 

■  The  Securities  and  Exchange  Commission  has  asked  network  equipment  provider 
Riverstone  Networks  to  voluntarily  hand  over  information  related  to  its  accounting  prac¬ 
tices,  the  company  said  last  week.  The  company  said  it  intends  to  fully  cooperate.  No 
one  from  the  company  was  immediately  available  to  comment  further. 


Carrier-class  availability,  enterprise  features,  always  ON  reliability 
No  traffic  interruption  with  component  or  software  failure  or  software  loads 
Non  stop  operation  and  no  I  •  ■  - 


loss  of  capacity  from  management  module  failover 


Because  "ON"  is  the  only  option 


Availability  in  your  network  is  more  critical  than  ever, 
because  it's  not  if,  but  when  all  communication  such  as 
voice,  data,  and  video  will  digitally  converge  over  IP 
and  Ethernet. 

That  means  your  enterprise  network  must  be  carrier  class, 
with  self-healing  components  capable  of 
continuous  operation. 

That  also  means  you  need  to  eliminate  all 
backdoor  passwords,  and  administration 
rights  must  be  restricted  based  on  the  skill  set  of 
the  administrator. 


Bft.LUkLUL?S 


Alcatel's  new  OmniSwitch  redefines  availability  for  the 
enterprise,  with  carrier-class  technology  that  delivers  next- 
generation  capabilities  right  now,  without  a  cost  premium. 

Alcatel  has  a  history  of  innovation  and 
proven  leadership,  and  has  been  building 
carrier  networks  around  the  world  for  over 
half  a  century. 


Alcatel  builds 

carrier-class  networks 
for  the  enterprise 


Carrier  class  is  a  distinction  you  have  to 
earn.  We've  earned  it  and  now  bring  it  to 
the  enterprise  with  the  next  generation 
OmniSwitch  family. 


www.alcatel.com/enterprise 

(800)  995-2612 
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Mgmt  vendors  to  focus  on  automation 


■  BY  DENISE  DUBIE 

LAS  VEGAS  —  A  slew  of  management  product  vendors 
this  week  will  use  NetWorld+Interop  to  tout  out-of-the-box 
automation,  integration  and  visibility  features. 

Companies  planning  to  make  announcements  —  some 
software,  some  hardware  —  include  Aprisma,  BMC 
Software  and  Smarts.  Computer  Associates  also  is  promis¬ 
ing  news  related  to  its  on-demand  computing  strategy 
and  Unicenter  management  system,  but  details  could  not 
be  learned  by  press  time. 

Elisabeth  Rainge,who  tracks  management  technologies 
as  a  program  director  for  IDC.says  vendors  seem  less  con¬ 
cerned  these  days  with  flooding  the  market  with  point 
products.  Instead,  they  are  adding  or  expanding  automa¬ 
tion  and  other  features  that  “address  staffing  cuts  and  the 
loss  of  knowledge  from  IT  departments.”  Although  she 
notes  that  such  features  “would  have  been  useful  years 
ago  as  well.” 

What  follows  is  a  sampling  of  announcements  planned 
for  the  show. 

Smarts  gets  its  products  on  same  page 

Smarts  says  it  is  creating  common  code  across  its  man¬ 
agement  consoles  and  applications  to  enable  easier  roll¬ 
outs  and  better  data  sharing.  Until  now,  customers  had  to 
write  code  to  enable  integration  among  Smarts’  products, 
including  its  InCharge  Service  Assurance  Manager 
(SAM),  an  application  performance  management  pro¬ 
gram  now  on  Version  6.0. 

There  have  always  been  a  lot  of  management  tools,  all 
doing  their  own  thing,  but  now  vendors  are  working  to 
make  some  sense  of  them  and  the  data  they  collect,”  says 
Glenn  O’Donnell,  a  program  director  at  Meta  Group. 

“Smarts  is  working  toward  that  kind  of  consolidation,” 
he  adds. 

In  SAM  6.0,  Smarts  also  is  introducing  a  feature  that  lets 
network  managers  build  operational  workflow  and  prob¬ 
lem  escalation  rules  into  the  software. The  software  then 
takes  actions  based  on  the  rules. 

The  company  says  the  feature  helps  tie  operational 
processes  directly  to  IT  elements  and  eliminate  redun¬ 
dant,  manual  tasks. 

The  upgraded  software,  which  starts  at  $55,000,  is  sched¬ 
uled  to  ship  at  the  end  of  June. 

BMC  takes  guesswork  out  of  Web  servers 

In  an  effort  to  get  speedier  results  to  its  users,  BMC  is 
including  a  root-cause  analysis  module  in  Patrol  Internet 
Server  Manager  6. 1 .  The  software,  which  is  for  managing 
Web,  mail,  FTP  and  other  servers,  now  can  perform  the 
basic  troubleshooting  tasks  of  a  network  administrator. 

"We  built  in  our  experience  with  75%  to  90%  of  the  most 
typical  problems  with  Internet  servers  and  how  to  go 
about  troubleshooting  them,”  says  Robert  Anderson,  a 


Corrections 


■  The  story  "Rackspace  angles  for  bigger  fish"  (April  21, 
page  29)  should  have  reported  the  2002  revenue  for 
Rackspace  as  growing  43%  to  S40  million. 

■  An  error  in  the  column  “Until  the  'Net  is  fast  enough?" 
(April  28.  page  32)  was  caught  after  the  page  was  printed. 
The  company's  name  is  Protocall  Technologies. 


product  manager  at  BMC. “Instead  of  just  saying  a  server 
has  failed,  the  software  can  now  tell  the  admin  the  cause 
and  even  fix  it  if  [Patrol  has]  been  configured  to  do  so.” 

Version  6.1  can  run  either  on  the  managed  server  or  be 
used  to  keep  an  eye  on  Internet  servers  remotely  from  a 
dedicated  workgroup  server. The  software  uses  native  pro¬ 
tocols  to  collect  data  and  take  automated  actions  on  the 
servers,  and  it  delivers  data  back  to  the  Patrol  Manage¬ 
ment  Console  or  consoles  from  competitors  such  as  HP 
and  IBM  Tivoli.  (For  other  BMC  news,  see  page  30.) 

Version  6.1  costs  about  $2,000  per  workgroup  server 
and  about  $500  per  remote  host. 

Fluke  reaches  into  the  WAN 

Traditionally  a  maker  of  LAN  troubleshooting  devices, 
Fluke  Networks  this  week  will  make  a  foray  into  WAN 
management  and  analysis. 


Fluke  Networks'  OptiView  WAN  Analyzer  monitors  traffic  on  0C- 
3/0C-12  lines  and  reports  on  bandwidth  utilization,  virtual  cir¬ 
cuits  and  application  chattiness  over  enterprise  WANs. 


The  company’s  new  OC-3/OC-12  OptiView  WAN  Analyzer 
is  an  appliance  for  monitoring  WAN  endpoints,  virtual  cir¬ 
cuits  and  the  traffic  that  traverses  ATM  and  packet-over- 
SONET  networks.  The  appliance  plugs  into  the  network 
and  into  the  outgoing  and  incoming  router  ports.  Upon 
installation,  the  appliance  performs  an  automated  discov¬ 
ery  of  the  devices  tapping  into  a  particular  WAN  circuit. 
Software  embedded  in  the  appliance  also  reads  packets 
and  populates  an  on-board  database  with  information 
about  the  devices  and  applications  using  the  WAN  circuit. 

Fluke  says  having  the  appliance  in  place  will  enable 
automatic  problem  detection,  identify  the  “top  talkers”  on 
the  WAN  and  filter  packets  to  only  report  those  with 
errors  to  network  engineers.  The  product  can  be  used 
with  or  without  other  Fluke  products, such  as  its  LAN  ana¬ 
lyzers  and  network  management  console. 

OptiView  WAN  Analyzer  for  OC-3  pricing  starts  at  about 
$18,000  and  for  OC-3/OC-12  version,  $28,000.  OptiView 
WAN  Analyzers  for  T-l,  E-l  and  T-3  links  are  planned  for 
year-end. 

Panacya  adding  apps  intelligence 

Panacya  is  updating  its  flagship  BusinessAware  applica¬ 
tion  management  software  with  what  the  company  says 
is  80%  to  85%  of  what  all  customers  need  to  know  about 
BEA  Systems’  WebLogic  application  server.  Panacya  also 
has  included  management  information  for  Sun  Solaris 
servers,  Oracle  databases  and  Cisco  devices  in 
BusinessAware  2.2. 

The  company  says  that  by  writing  this  knowledge  into 
the  software,  BusinessAware  now  can  be  installed  within 
weeks  instead  of  months  and  can  alert  companies  to 
potential  problems  more  quickly. The  software  also  now 
includes  prepackaged  modules  for  the  automated  analy¬ 
sis  and  monitoring  of  enterprise  applications. 

The  central  component  of  Version  2.2  runs  on  a  Solaris 
or  Windows  NT/2000  server,  and  from  there,  lightweight 
agents  are  pushed  out  to  the  devices  to  be  managed.The 
agents  each  contain  Web  server  software  to  let  network 


managers  access  real-time  performance  data,  such  as 
response  time  and  availability,  via  a  Web  browser. The  per¬ 
formance  data  collected  on  each  agent  is  stored  in  a  cen¬ 
tral  repository  for  long-term  trending  and  historical 
reports.  Panacya  lets  users  create  and  customize  software 
modules  to  watch  over  known  performance  problems  or 
specific  applications. 

An  agentless  option  also  is  available.  BusinessAware  2.2 
costs  about  $50,000. 

MPLS  nets  are  in  Aprisma's  sights 

Aprisma  is  readying  a  version  of  its  flagship  Spectrum 
network  management  software  specifically  designed  to 
give  customers  more  insight  into  their  Multi-protocol 
Label  Switching  (MPLS)  networks. 

Spectrum  MPLS  Manager  would  seem  to  be  applicable 
mainly  to  carriers,  which  have  started  to  roll  out  MPLS- 
based  VPNs  and  other  services,  although  Aprisma  says 
some  large  companies  have  MPLS  in  their  networks,  too. 
(However,  the  product  is  being  tested  initially  in  two  car¬ 
rier  networks.) 

Aprisma  says  the  software  will  help  companies  under¬ 
stand  how  logical  and  physical  networks  interrelate  and 
how  an  outage  ultimately  will  affect  MPLS  services. 

“Physical  layer  failure  may  not  affect  the  data  path,  but 
there  are  about  six  steps  that  need  to  be  taken  to  figure 
that  out.  We’re  trying  to  eliminate  a  lot  of  that  effort,”  says 
Jim  Lochran.a  solution  architect  at  Aprisma. 

Once  installed,  Spectrum  MPLS  Manager  will  do  an  ini¬ 
tial  discovery  of  the  physical  and  logical  topology  of  a 
network.  It  then  will  use  SNMP  traps  exported  from  Cisco 
and  Juniper  devices  to  update  any  changes  to  the  stored 
topology.  Then  it  will  determine  the  effect  of  alarms  in 
the  Layer  3  connectivity  of  customer  networks. 

Spectrum  MPLS  Manager  is  scheduled  to  be  available 
in  June.  Pricing  will  range  from  $10,000  to  $25,000. 


Lumeta  reworks  service  into  an  appliance 

Lumeta,  an  N+I  newcomer,  is  taking  its  network  invent¬ 
ory  and  security  scanning  service  and  putting  the  tech¬ 
nology  into  a  package  of  server  and  sensor  appliances. 

The  server  appliance,  called  IPsonar,  resides  in  a  com¬ 
pany’s  network  operations  center,  and  sensors  can  be 
located  inside  and  outside  of  corporate  firewalls.  The 
appliances  automatically  discover  servers  and  other 
devices  on  the  network. 

IPsonar  costs  about  $2 1 ,500.  ■ 
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■  THIS  WEEK’S  QUESTION: 

What  percentage  of  U.S.  residents  say  they  don't 
use  the  Internet,  according  to  the  latest  study 
from  the  Pew  Internet  and  American  Life  Project? 


Answer  this  and  nine  additional  questions  online  and  you  could  win  $500! 
Visit  Network  World  Fusion  and  enter  2349  in  the  Search  box. 

www.nwfusion.com 


ARE  THE  SEVEN  DEADLY  INTERNET  SINS 
IMPACTING  YOUR  INFORMATION  SYSTEMS? 

(Stop  multi-media  downloads  from 
eating  up  your  IT  reoourceo. 

WWW 

Movies.  Music.  Interactive  gaming.  In  the  office,  online 
entertainment  can  add  up  to  heavy  network  loads. 

Now  you  can  turn  to  Websense  Enterprise  software  to 
trim  down  excessive  employee  bandwidth  use.  Block 
streaming  media,  set  real-time  thresholds  on  network- 
based  applications,  or  restrict  protocols  that  tunnel 
over  port  80  with  Websense  Enterprise’s  flexible  filter¬ 
ing  options.  Websense  also  lets  you  monitor  bandwidth 
overindulgence  in  real-time.  And  because  it’s  easy  to 
install  and  integrates  seamlessly  with  the  leading 
firewalls,  proxy  servers,  routers,  network  switches  and 
caching  appliances,  Websense  Enterprise  makes  getting 
started  simple.  Trust  the  pioneer  of  the  employee 
Internet  management  category  to  get  your  bandwidth 
use  back  in  shape.  For  more  information  or  to 
download  a  free,  30-day  trial  of  Websense  Enterprise 
visit  www.websense.com  today. 


EMPLOYEE  INTERNET  MANAGEMENT 
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3Coms  enterprise  VoIP  blueprint 


Company  headquarters 


•  Cisco  and  SpectraLink  will 
present  Wi-Fi  IP  phones  for  bring¬ 
ing  mobility  to  IP  telephony 

•  Fortinet  will  debut  Gigabit- 
speed  intrusion-detection  gear 
that  promises  new  approaches 
to  intrusion  detection  and 
prevention. 

•  SSL  VPN  hardware  from 
Neoteris  is  aimed  at  securing  re¬ 
mote-user  applications,  while 
making  VPN  management  easi¬ 
er  than  IP  Security-based  equip¬ 
ment. 

3Com  is  launching  its  VCX 
V7000  platform  for  supporting 
IP  telephony  in  large  organiza¬ 
tions.  The  softswitch  is  a  modi¬ 
fied  version  of  the  carrier 
softswitch  made  by  3Com’s  for¬ 
mer  CommWorks  division,  which 
Chinese  vendor  UTStarcom. 

3Com  says  the  VCX  V7000  will  let  corporations  bring 
carrier-class  scale  and  reliability  to  IP  telephony  net¬ 
works.  It  will  compete  with  offerings  from  Avaya,  Cisco 
and  Nortel.  The  CommWorks  softswitch  already  is 
deployed  as  part  of  a  hosted  VoIP  service  from  MCI,  for- 


Combining  NBX  and  CommWorks  Softswitch  products,  3Com  is  stitching  together  a  VoIP 
offering  for  companies  with  thousands  of  phones. 


Branch  office 


Mirrored  SunFire  V240  servers  running 
3Com's  SIP-based  Voice  Core  Exchange  V7000 
softswitch  will  provide  core  IP  telephony  call 


© 


Larger  branch 
offices  could  deploy 
3Com  NBX  IP  PBXs 
and  NBX  IP  phones 
for  local  call  control 
and  PSTN  access. 
Softswitch  directory 
images  and 
applications  would 
be  mirrored  to  local 
NBXs  via  the  IP  WAN. 


I  rSin  Hi: 
3Com  SIP-based  phones 

3Com  sold  to  the 


3Com  SIP- 
based  phones 


merly  WorldCom,  and  at  AT&T  for  offloading  TDM  back¬ 
bone  traffic  to  the  carrier’s  IP  network. 

A  combination  of  3Com  NBX  and  CommWorks 
softswitch  gear  is  being  rolled  out  at  Prudential  North  West 
Properties,  a  real  estate  firm  in  Oregon  and  Washington. 

“The  [3Com  softswitch]  appealed  to  us  because  . . .  it’s 
obvious  that  it  can  scale,”  says  Sean  McRae,  vice  president 
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Foundry  thinks  big  with  Gigabit  ‘Mucho  Grande’  switch 


Foundry  Networks  this  week  will  lob 
the  latest  round  in  the  10G 
Ethernet  switch  battle  when  it 
debuts  its  Biglron  MG-8and  MG-40 
chassis  at  NetWorld+Interop. 

The  latest  Biglron  chasses  are  billed 
as  Foundry’s  core  switch  platform  for 
the  future,  with  a  terabit-scale  back¬ 
plane  and  40G  bit/sec  of  bandwidth 
per  slot.  The  bandwidth  upgrade  will 
let  10G  Ethernet  ports  operate  at  full 
throughput,  which  was  not  possible  on 
the  vendor's  previous  platform. 

Developed  under  the  code  name 
Mucho  Grande,  the  Biglron  MG8  is  an 
eight-slot  enterprise  chassis  targeted 
for  large  core  backbone  deployments 
and  metropolitan-area  networks 
deployments.  New  four-port  10G 
Ethernet  blades  also  will  be  announced  for  the  MG8, 
allowing  for  a  total  of  32  nonblocking  10G  bit/sec 
Ethernet  ports  in  a  single  chassis,  according  to 
Foundry. 

Analysts  say  adoption  of  Gigabit  Ethernet  has  been 
slow  10G  Ethernet  accounted  for  1%  of  the  Ethernet 
market  in  the  fourth  quarter  of  2002,  Synergy  Research 
says.  But  corporations  with  intense  bandwidth 
demands  should  look  to  platforms  such  as  the  MG8  for 
future  network  deployments. 

"Few  companies  need  10  Gigabit  Ethernet,"  says  Zeus 
Kerravala,  an  analyst  with  The  Yankee  Group.  “But  if 
you're  investing  in  new  switching  gear  now,  there’s  no 
sense  buying  a  platform  that  can’t  support  10G 
Ethernet,  because  it's  coming  down  the  road." 

The  box  will  compete  with  recently  announced  10 
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Foundry's  Biglron  MG8  promises 
full  10G  Ethernet  throughput  with 
a  1.28  terabit/sec  backplane. 


Gigabit  gear  from  Enterasys  Net¬ 
works,  with  its  Matrix  N-Series  chas¬ 
sis,  and  Cisco’s  Supervisor  720 
switch  fabric  module  for  the  Catalyst 
6500.  The  Cisco  and  Enterasys  prod¬ 
ucts  promise  40G  bit/sec  of  band¬ 
width  between  line  cards  and  the 
backplane,  allowing  for  full  10G 
bit/sec.  Like  Foundry,  Cisco  and  En¬ 
terasys  had  offered  10G  Ethernet  line 
cards,  but  were  limited  to  perfor¬ 
mance  less  than  10G  bit/sec  because 
of  chassis/switch  fabric  limitations. 
Start-up  ForcelO  Networks  released 
a  switch  last  fall  that  offers  40G 
bit/sec  per  slot. 

The  Biglron  MG40,  a  service 
provider  box,  also  has  eight  slots,  40G 
bit/sec  of  slot  bandwidth  and  a  terabit 
backplane  like  its  enterprise  cousin.  The  MG40  also 
includes  carrier  features,  such  as  enhanced  Border 
Gateway  Protocol  (BGP)  routing  and  a  Network  Equip¬ 
ment  Building  Standards  Level  3  chassis.  The  Biglron 
MG8  and  MG40  switches  support  Layer  2  and  Layer  3 
switching  and  Routing  Information  Protocol  Version  2, 
Open  Shortest  Path  First  and  BGP  routing  protocols. 

Kerravala  says  that  while  the  Biglron  MG  products 
were  a  long  time  coming,  the  release  is  significant  for 
Foundry. 

“Companies  like  ForcelO  made  all  the  other  vendors 
sit  up  and  take  notice,”  he  says.  "Foundry  isn't  a  solu¬ 
tions  provider  —  they're  a  switch  company.  They're  goal 
is  to  build  the  best  switch,  so  its  important  to  have  this 
kind  of  product." 

—  Phil  Hochmuth 


and  CIO  at  the  real  estate  firm. 

The  softswitch  will  be  used  as  a  cen¬ 
tral  call-control  engine  for  20  offices 
connected  by  a 
WAN.  The  branches 
will  have  a  mix  of 
NBXs  and  phones, 
and  Session 

Initiation  Protocol 
phones  that  the 
softswitch  controls 
centrally 

3Com’s  softswitch 
is  a  call-control  and 
- applications  plat¬ 
form  that  runs  on 
Sun’s  SunFire  Unix  server  platform.  The 
software  is  based  on  SIRa  real-time  com¬ 
munications  control  protocol  that  ven¬ 
dors  such  as  Microsoft  and  Siemens  are 
adopting. The  softswitch  can  be  used  to 
provide  calling  features  and  unified 
messaging  applications  for  tens  of  thou¬ 
sands  of  users  —  far  beyond  what  its  NBX  IP  PBX  phone 
system  can  handle,  the  company  says. 

“We’re  also  very  interested  in  SIP  and  the  open  archi- 
tecture”of  the  softswitch,  McRae  says.“Down  the  road, SIP 
will  allow  us  to  integrate  different  kinds  of  phones  and 
other  devices  from  a  number  of  vendors.” 

3Com  says  it  will  work  to  integrate  its  NBX  and  VCXV7000 
platforms  as  a  single  VoIP  system  over  the  next  year. 

Voice  and  wireless 

N+I  is  ground  zero  for  industry  buzzwords,  and  two  of 
the  most  popular  —  VoIP  and  Wi-Fi  —  will  be  brought 
together  by  SpectraLink  and  Cisco,  which  are  separately 
announcing  802.1  lb-based  IP  telephones. 

SpectraLink  is  adding  the  i640  and  e340  to  its  lineup  of 
Wi-Fi  IP  phones. The  i640  includes  a  walkie-talkie  feature 
based  on  IP  multicast  that  will  let  users  on  the  same 
802.1  lb  network  talk  by  pushing  a  button  on  the  handset. 
The  e340  Wi-Fi  IP  phone  is  aimed  at  corporate  users,  and 
is  a  slimmer  version  of  SpectraLink’s  previous  Wi-Fi 
phones  (targeted  at  healthcare  and  manufacturing  mar¬ 
kets).  Both  work  with  IP  PBXs  from  Avaya,  Cisco  and 
Nortel  and  all  standards-based  802.11b  endpoints.  A 
SpectraLink  gateway  server  also  is  needed  to  connect  the 
phones  to  an  IP  PBX. 

Revealed  at  Cisco’s  Partner  Summit ‘earlier  this  month, 
the  Cisco  7920  Wi-Fi  IP  phone  lets  companies  deploy  wire¬ 
less  phones  throughout  a  Cisco-based  VoIP  and  802.11b 
infrastructure.  The  device  will  support  all  Cisco  Call- 
Manager  IP  PBX  features  without  additional  equipment. 
The  7920  phone  will  include  support  for  Cisco’s 
Lightweight  Extensible  Authentication  Protocol  for  securi¬ 
ty,  and  quality-of-service  support  over  Cisco  wireless  gear. 
The  phone  costs  $595  and  will  ship  in  June. 

Cisco  also  is  announcing  new  low-cost  wired  IP 
phones, with  its  7902G,and  the  7912G,  which  are  available 
for  $130,  and  $165  respectively. The  7912G  includes  a  two- 
port  LAN  switch  for  connecting  a  PC  and  phone  to  the 
LAN  over  one  cable.The  7902G  does  not  include  a  switch, 
or  an  LCD  display.  Additionally,  Cisco  will  release  Version 
3.0  of  its  Survivable  Remote  Site  Telephony  for  Cisco  10S, 
which  provides  call  control  and  calling  features  to  VoIP 
users  at  remote  sites,  in  case  the  office  is  cut  off  from  a 
CallManager  at  a  central  site.  New  features  include  con¬ 
ference  call  transferring,  music-on-hold  support  for 
Cisco’s  7935  IP  conferencing  station. 

Also  in  the  wired  world  of  VoIP  start-up  Nuasis  is  debut¬ 
ing  with  its  NuContact  Center,  an  IP-based  automatic  call 
distributor,  which  controls  phone  call  routing  in  a  call 

See  Interop,  page  96 


Introducing  the  AMD  Opteron"  processor,  64-bit  computing  for  today’s  32-bit  world 
It’s  the  only  processor  that  is  designed  to  run  your  32-  and  64-bit  applications  simultaneously  and  without  compromise 
AMD  Opteron  runs  on  AMD64-a  breakthrough  architecture  that  enables  64-bit  technology  on  the  x86  platform- 
creating  a  new  class  of  computing  so  you  can  migrate  to  64-bit  technology  on  your  own  terms. 


The  world’s  highest  performing  2P  and  4P  servers  are  now  powered 
by  AMD  Opteron  processors.  Receive  the  performance  and  security  benefits  of 
64-bit  computing,  while  getting  the  best  32-bit  performance  available  anywhere. 


AMD£!  y 

Opteron" 


Leverage  your  existing  investments  while  preparing  for  the  future.  One  architecture 
across  one  enterprise  means  you  won’t  have  to  rip  and  replace  your  entire  infrastructure  when  you  transition 
to  64-bit  computing.  It’s  just  another  way  AMD  designs  and  builds  processors  with  you  in  mind.  For  a  closer 
look  at  the  financial  and  performance  advantages  of  the  AMD  Opteron  processor,  visit  www.amd.com/opteron 


©  2003  Advanced  Micro  Devices.  Inc.  All  rights  reservjM.  AMD.  the  AMD  Arrow  logo.  AMD 
Opteron.  and  combinations  thereof  are  trademark*  of  Advanced  Micro  Devices,  Inc 
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Jury  is  out  on  Windows  2003 

Survey  says  most  users  undecided  or  staying  away  from  Microsoft's  latest  OS. 


■  BY  JOHN  FONTANA 

SAN  FRANCISCO  —  Despite  last  week’s  party  to  launch 
Windows  Server  2003,  the  sobering  reality  is  that  cus¬ 
tomers  are  in  no  rush  to  roll  out  the  operating  system  that 
is  the  gateway  to  a  new  generation  of  Microsoft  software. 

Windows  Server  2003  does  provide  security  and  perfor¬ 
mance  gains,  64-bit  support  and  the  foundation  for  real¬ 
time  communication,  a  collaboration  infrastructure  and  a 
management  platform.  (See  our  review  of  Windows  Server 
2003  at  www.nwfusion.com,  DocFinder:  5662.)  But  a  down 
economy  and  lingering  Windows  2000  upgrades  are  caus¬ 
ing  users  to  think  hard  about  migrations. 

In  a  recent  survey  by  The  Yankee  Group,  about  half  of 
1,000  respondents  said  they  have  not  determined  if  they 
will  adopt  the  server,  and  15%  said  they  would  not.  Only 
12%  of  the  current  Windows  installed  base  plans  to  adopt 
the  new  operating  system  in  the  next  year, compared  with 
30%  that  adopted  Win  2000  in  its  first  12  months. 

“I  like  what  I  see  in  Windows  2003,”  says  Tim  Matthews, 
associate  director  of  technology  for  the  University  of  Texas 


In  with  the  new? 


School  of  Business  in  Austin,  who  says  he  runs  the  operat¬ 
ing  system  on  his  home  network. “But  we  are  very  happy 
with  Windows  2000,  which  we  have  worked  into  a  nice 
and  stable  platform.”  Matthews,  who  is  involved  with  the 
early-adopters  Joint  Development  Program  for  Exchange 
Server  2003,  says  he  didn’t  want  to  bite  off  more  than  he 
could  chew. 

Critics  say  Matthews  need  not  worry,  as  there  is  not  a 
lot  to  chew  on  in  Windows  Server  2003.  But  what  is  there 
is  the  foundation  for  the  next  generation  of  Microsoft 
software. 

During  his  keynote  address  opening  the  launch  event 
last  week  in  San  Francisco,  Microsoft  CEO  Steve  Ballmer 
defended  the  sen'er  by  calling  it  “a  very  significant  piece 
of  work;  it  is  not  just  a  small  incremental  release.  It  is  a 
breakthrough  in  security  and  reliability, a  breakthrough  in 
management, a  breakthrough  for  software  developers  and 
those  who  want  to  collaborate.” 


This  is  the  first  operating  system  developed  under 
Microsoft’s  Trustworthy  Computing  initiative,  which  in  the¬ 
ory  should  reduce  the  number  of  patches  for  it  down  the 
road.The  operating  system  also  has  many  features  turned 
off  by  default,  which  should  help  users  avoid  inadver¬ 
tently  opening  themselves  to  attacks. 

Microsoft  also  has  focused  on  performance  and  server 
consolidation  as  the  hallmarks  of  the  new  operating  sys¬ 
tem.  And  with  the  addition  of  64-bit  support,  Microsoft 
contends  that  Windows  Server  2003  is  better  equipped  to 
run  critical  applications  and  databases,  including  the  64- 
bit  SQL  Server  that  also  was  released  last  week. 

Also,  improvements  in  Active  Directory  should  solve  lin¬ 
gering  operational  headaches,  and  the  addition  of  Active 
Directory  Application  Mode  will  provide  deployment 
options. 

Microsoft  for  the  first  time  is  including  natively  in  the 
base  operating  system  its  .Net  Framework,  which  supports 
the  execution  of  Web  services  applications. 

“If  you  are  on  NT  4.0  you  will  see  the  largest  differential 
[in  features  and  performance] ,”  says  Michael  Cherry,  an 
analyst  with  Directions  on  Microsoft,  a 
research  firm. “If  you  are  on  Windows  2000  it 
depends  on  if  you  deployed  Active  Directory 
Those  with  [Active  Directory]  deployed  will 
see  the  least  differential.  The  thing  that 
Microsoft  customers  will  struggle  with  is  that 
there  is  no  single  big  feature.” 

That  is  certainly  one  of  the  factors  weighing 
on  IT  decision-makers. 

“We  are  still  determin¬ 
ing  if  we  will  go  to 
Windows  2000  or  2003,” 
says  Carol  Fee,  network 
administrator  for  voice 
application  vendor  Arti¬ 
soft  in  Cambridge,  Mass. 
Fee  runs  an  NT  network 
that  includes  an  abun¬ 
dance  of  Win  2000 
servers.  “Windows  2003 
has  some  nifty  improve¬ 
ments,  but  it  is  only  gold 
code  and  hasn’t  been 
tested,”  she  says. 

Like  most  upgrades,  users  will  have  to  evalu¬ 
ate  the  migration  in  relationship  to  long-term 
plans,  says  Chris  Burry  technology  infrastruc¬ 
ture  practice  director  and  technology  fellow 
for  Avanade,  a  systems  integrator. “You  have  to 
look  at  what  you  are  trying  to  accomplish  with  your  infra¬ 
structure,”  he  says.  “How  are  you  building  that  infrastruc¬ 
ture  for  the  applications  that  you  want  to  use  in  the 
future?" 

The  evaluation  process  is  pushing  some  to  Windows 
2003. 

“What’s  hooking  us  are  the  things  that  weren’t  perfect  in 
Windows  2000  that  have  been  fixed  in  Windows  2003,” 
says  Rob  Sullivan,  vice  president  of  technical  operations 
for  Universal  Network  Exchange  in  New  York,  which  pro¬ 
vides  electronic  trading  solutions  for  institutional 
investors.  Sullivan  cited  load  balancing,  the  .Net  Frame¬ 
work  and  clustering,  which  in  particular  will  let  his  com¬ 
pany  use  a  single  cluster  to  set  up  a  disaster-recovery  cen¬ 
ter  at  a  remote  location. 

“We  are  really  focused  on  those  features  and  will  get 
them  into  production  in  the  next  six  to  eight  months,”  he 
says.  ■ 


Plumtree  bears 
new  portal  fruit 

■  BY  ANN  BEDNARZ 

SAN  FRANCISCO  —  Plumtree  Software  this  week  will  an¬ 
nounce  a  software  suite  that  bundles  upgraded  versions  of 
its  portal,  search,  collaboration  and  content-management 
offerings  with  a  new  module  designed  to  let  customers 
build  composite  portal  applications  from  Web  services. 

Plumtree’s  Enterprise  Web  Suite  is  the  vendor’s  first 
attempt  to  package  its  software  products  as  an  integrated 
application  platform  suite  —  a  trend  analysts  say  is  catch¬ 
ing  on  with  users. 

“By  2004,  most  enterprises  won’t  buy  a  portal  product; 
instead,  they  will  buy  a  set  of  functionality  that  includes 
the  portal,  and  which  will  likely  be  bundled  into  a  suite," 
Gartner  predicts. 

The  suite  includes  one  new  product,  Enterprise  Web 
Development  Kit  (EDK),  which  consists  of  a  tool  set  for 
assembling  portal  applications  from  Web  services  compo¬ 
nents  running  on  different  platforms. 

With  EDK,  Plumtree  aims  to  mask  the  complexity  of  mak¬ 
ing  Web  services  built  in  Java  and  Microsoft’s  .Net  work 
together,  says  Glenn  Kelman,  vice  president  of  marketing 
and  product  management  at  Plumtree.  The  two  develop¬ 
ment  platforms  employ  different  encoding  schemes  and 
different  ways  to  serialize  data.  EDK  offers  tools  to  resolve 
those  differences  behind  the  scenes,  he  says. 

Plumtree  doesn’t  purport  to  replace  the  development 
platform  customers  use  to  build  Web  services  —  whether 
it’s  BEA  Systems’ WebLogic  platform,  IBM’s  WebSphere  plat¬ 
form  or  any  other  system  —  but  it  wants  to  be  the  envi¬ 
ronment  for  assembling  those  Web  services  into  applica¬ 
tions,  Kelman  says.“We’ve  got  these  terrifyingly  huge  com¬ 
petitors.  Ultimately  the  one  thing  we  can  do  that  they  can’t 
is  stitch  it  all  together[’he  says. 

EDK’s  development  tools  include  profile  services,  to 
import  user  data  from  back-end  systems;  authentication 
services  that  synchronize  with  existing  user  directories  so 
developers  can  add  customer,  partner,  supplier  and 
employee  users  to  a  portal;  and  crawler  services  that  seek 
out  and  index  new  content  from  external  repositories. 

To  promote  component  reuse,  the  Enterprise  Web  Suite 
contains  a  revamped  knowledge  directory  that  organizes 
all  the  resources  used  to  build  applications. 

Plumtree  also  devised  a  new  template  to  speed  applica¬ 
tion  building. With  the  templates,  users  can  pull  in  services 
from  Plumtree’s  content  management  and  collaboration 
modules,  and  build  customized  user  interfaces  or  reuse 
existing  models. 

New  security  provisioning  tools  let  companies  designate 
separate  sets  of  controls  for  each  application;  one  user 
might  have  administrator  privileges  in  one  application,  but 
not  another,  for  example.  In  earlier  versions, one  user’s  role 
was  fixed  across  applications,  Kelman  says. 

Also  new  to  the  Enterprise  Web  Suite  is  a  universal  user 
profile  system  that  lets  organizations  import  user  data  from 
back-end  systems  —  such  as  Lightweight  Development 
Access  Protocol  repositories,  human  resources  systems  or 
customer  databases  —  and  combine  it  with  portal  ser¬ 
vices  to  create  more  personalized  applications. 

Enterprise  Web  Suite  includes  upgraded  versions  of 
Plumtree’s  major  products:  Plumtree  Corporate  Fbrtal  5.0, 
Plumtree  Search,  Plumtree  Collaboration  Server  3.0  and 
Plumtree  Content  Server  5.0. 

Plumtree  says  the  new  editions  will  be  available  by 
midyear,  and  a  new  version  of  Plumtree  Studio  Server,  for 
building  database-driven  forms  and  services,  will  be  avail¬ 
able  in  the  summer.  ■ 


Here  is  a  look  at  a  few  of  the  challenges  Microsoft  faces 
in  driving  adoption  of  Windows  Server  2003,  which  does 
not  have  any  marquee  feature  enhancements. 


•  Convince  cash-strapped  IT  departments  that  have  deployed 
Windows  2000  and  Active  Directory  that 
performance  and  security  improvements 
warrant  another  upgrade. 


Prove  through  customer  examples  the  sta¬ 
bility  and  benefits  of  the  new  64-bit  version 
of  the  operating  system,  which,  if  adopted, 
will  require  IT  investment  in  new  hardware. 


•  Convince  users  of  the  competitive  ad¬ 
vantages  in  add-on  technologies  such 
as  real-time  communications  and  digital 
rights  management  that  require  Windows 
Server  2003. 


Numbers  game 


It  took  more  than  three  years 
and  5,000  developers  to  come  up 
with  the  nearly  50  million  lines 
of  code  and  650  technology 
advances  and  enhancements 
that  make  up  Windows  Server 
2003,  which  itself  is  already  on 
its  third  name. 


•  Emerge  unscathed  from  the  initial  and  inevitable  hacker 
onslaught  to  uncover  any  major  security  flaws  in  the  operating 
system,  the  first  to  be  produced  under  Microsoft’sTrustworthy 
Computing  campaign  designed  to  build  secure  code. 
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The  Information  and  Communications  Technology  (ICT) 
Conference  and  Tradeshow  -  strictly  business  to  business. 


iAH 


"  Two  months  ago  our  company  added 


branches  in  two  major  markets.  Sales 
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soared  but  the  wide  range  of  new 


mobile  computing  platforms  created 
significant  integration  challenges. 


k .  -  it  .'*•  x ;  v'  JV 


. 


We're  growing ,  and  that's  great.  But 
due  to  our  infrastructure  conflicts ,  we 
are  not  perceived  as  good  as  we  are. 


We  need  solutions ,  not  empty  sales 
pitches.  Because  we  have  to  move 
quickly ;  we  want  one  venue  to  compare 
expert  opinions  and  determine  what 
would  work  best  for  our  company. 


CeBIT  America's  3-day,  enterprise  only  Conference  and 
Tradeshow  provide  direct  access  to  the  world’s  systems,  applications, 
communications  and  networking  leaders,  in  one  place,  at  one  time. 


June  18  -  20,  2003 
Jacob  K.  Javits  Center 
New  York  City 


If  you're  charged  with  integrating  technologies  and  applications  to 
meet  your  organization's  business  objectives,  then  we'll  see  you  at 
CeBIT  America  -  Where  the  World  Turns  for  ICT  Solutions. 
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Register  Now!  Visit  www.cebit-america.com/info21  to  register  with  priority 


code  MAR3  and  view  our  online  brochure,  or  give  us  a  call,  212-465-0531. 
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Customer  unrest  a  year  later 

HP/Compaq  merger  befuddles  corporate  customers. 


■  BY  DENI  CONNOR 

HP  might  have  calmed  Wall 
Streets  fears  about  the  Compaq 
acquisition,  but  one  year  after 
the  deal  was  finalized  it  appears 
the  company  has  yet  to  con¬ 
vince  the  group  that  matters 
most:  customers. 

Whether  the  topic  is  service, 
storage,  product  road  maps  or 
business  practices,  HP  customers 
generally  report  experiencing  a 
mix  of  satisfaction,  unhappiness 
and  confusion  more  than  any 
benefits  the  company  might  have 
touted  during  its  long  and  con¬ 
tentious  battle  to  gain  stockhold¬ 
er  approval  for  the  merger.  Next 
week  HP  executives  plan  to  brief 
reporters  on  their“enterprise  strat¬ 
egy  and  it’s  a  fair  bet  they  also 
will  face  questions  about  the 
assimilation  of  Compaq. 

“On  paper,  the  merger  looks  to 
have  gone  very  well,”  says  John 
Eisenschmidt,  director  of  pack¬ 
aged  application  implementation 
and  support  for  Feld  Enter¬ 
tainment  in  Vienna, Va.“As  an  HP 
customer,  however,  I’d  have  to  say 
it's  gone  poorly’ 

Feld  Entertainment  is  the  pro¬ 
ducer  of  Ringling  Bros,  and 
Barnum  &  Bailey  Circus  and 
Disney  on  Ice.  Eisenschmidt  has 
HP  Alphaservers,  Compaq  Pro¬ 
Liant  servers  and  a  storage-area 
network  (SAN)  built  with  HP 
products. 

“I’ve  seen  a  dramatic  drop  in  the 
quality  of  service, so  much  so  that 
we  stopped  buying  [what  used  to 
be  called]  Carepaq  support  con¬ 
tracts  and  started  keeping  spare 
servers  on  the  shelf,"  Eisen¬ 
schmidt  says.  “The  failure  rate 
went  up,  the  response  time  went 
down,  and  the  expertise  I  used  to 
know  with  Alpha  and  PC  techni¬ 
cians  on  the  Compaq  side  is 
gone,”  he  says. 

His  concern  is  shared  by  Terry 
Roedecker,  senior  network  man¬ 
ager  for  a  large  financial  institu¬ 
tion  in  the  Midwest,  who  says  he 
has  experienced  similar  issues 
with  his  ProLiant  servers. 

“HP  has  made  some  cultural 
changes  at  Compaq  that  we  don’t 
like,”  Roedecker  says. “One  of  our 
biggest  servers  lost  a  power  sup¬ 
ply  two  weeks  after  going  out  of 
warranty  When  we  called  HP  for  a 
courtesy  extension,  they  said  they 
couldn’t  do  courtesy  extensions 
any  longer.  Compaq  had  done  it 


HP/Compaq  over  the  years 


June  1997:  Compaq  September  2001:  HP 

acquiresTandem  for  announces  plan  to  acquire 
$3  billion.  Compaq  for  $25  billion. 


November  2001: 

HP  board  approves 
acquisition. 


January  1998: 

Compaq  acquires 
Digital  for  $9.6  billion. 
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October  2001: 

Executives  named 
for  merged  company. 


November  2001 
to  May  2002: 

Stockholder  proxy 
battle  ensues. 
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May  2002: 

Shareholders 
approve  deal. 
HP  officially 
launches  new 
company,  un¬ 
veils  road  map. 


November 
2002:  Former 
Compaq  CEO 
Michael  Capellas 
resigns  as 
president  of  HP. 


February  2003: 

HP  reports  $17.9 
billion  revenue 
for  first  quarter, 
below  forecasts. 


several  times  for  us  in  the  past.” 

Roedecker  says  his  organiza¬ 
tion  also  recently  lost  a  mother¬ 
board  on  a  server  that  was  in 
warranty  and  had  next-day  re¬ 
placement  guarantees  with  a 
technician  onsite. 

“The  parts  were  here  the  next 
day,  but  the  technician  wasn’t 
able  to  show  up  for  three  days,” 
Roedecker  says.  “With  Dell,  they 
were  onsite  in  four  hours  to 
replace  a  $30  part.”  Since  switch¬ 
ing  its  business  to  Dell, Roedecker 
has  acquired  50  servers. 

HP  defends  its  support  policies, 
saying  it  has  not  changed  since 
the  merger. 

“Warranties  for  HP  ProLiant 
servers  have  continued  on  as 
they  were  before  the  merger^’  a 
company  spokesman  says. 


More  online! 

Get  all  the  details  on  the 
HP/Compaq  merger 
anniversary. 

Some  merger  goals 
remain  unattained. 

•Services  expanded,  but  still 
lag  behind  IBM. 
•Compaq  servers  under 
siege  by  IBM,  Dell. 

•  Jury  remains  out  on 
Itanium  strategy. 

•  Confusion  clouds 
channel  strategy. 

DocFinden  5648 


Other  HP  customers  say  they 
are  more  pleased  with  their  post¬ 
merger  service. 

“From  a  call  center  or  help  desk 
perspective,  [HP  is]  outstanding,” 
says  Dave  Hogan,  senior  vice 
president  and  CIO  with  the 
National  Retail  Foundation  in 
Washington,  D.C.“From  a  support 
issue,  we  had  a  minor  hardware 
problem, and  they  were  all  over  it. 
I  always  get  a  good  solid  techni¬ 
cal  person  on  the  other  end  of 
the  line,  as  opposed  to  some  call 
centers  with  sales  and  marketing 
people.” 

Wade  Phillips,  technology  man¬ 
ager  for  the  Shakopee  Public 
Schools  in  Minnesota,  says  that 
any  service  problems  HP  has  are 
the  result  of  the  company  being 
larger. 

“HP  has  become  a  bigger  com¬ 
pany,  and  that  has  affected  some 
of  the  personal  touch  that 
Compaq  had,”  Phillips  says.  “The 
presales  and  postsales  guys  hold 
together  the  customer  contact 
and  at  least  keep  us  happy 

Phillips  has  noticed  another 
change. 

“Credit  lines  have  become  a  lot 
harder  —  they  used  to  be  more 
lenient  with  the  pay  cycles  of  our 
school  district,” Phillips  says.They 
have  adopted  better  business 
practices  and  have  changed  to 
become  tougher  that  way’ 

“The  integration  of  storage 
products  is  going  great  with 
respect  to  the  merger^  he  adds. 
“HP  was  very  smart  to  keep  the 
Compaq  StorageWorks  products. 
We  use  StorageWorks  almost 
exclusively 


Some  HP  customers  remain 
bewildered  by  the  company’s 
plans  to  move  so  many  system 
platforms  to  the  Itanium  proces¬ 
sor.  HP  and  Compaq  had  decided 
to  abandon  their  own  server  chip 
architectures  in  favor  of  Intel’s 
Itanium  processor.  Now  that  the 
companies  are  united,  they  must 
work  to  migrate  a  massive 
installed  base  of  PA-RISC  and 
Alpha  server  users  to  the  new 
platform  from  Intel.  Believing  that 
many  customers  will  want  to 
adopt  a  new  processor  and 
migrate  existing  machines  to  it  is 
myopic,  according  to  some  cus¬ 
tomers  and  analysts,  especially  in 
this  down  economy 

“When  you  come  up  from  the 
Xeon  space,  Itanium  looks  attrac¬ 
tive,  says  Hal  Kuff,a  vice  president 
of  technology  and  an  HP  user  at 
wireless  technology  distributor 
Tessco  Technologies  in  Hunt 
Valley  Md.  “But  when  you  come 
down  from  Alpha,  you  have  seri¬ 
ous  concerns  about  the  power  for 
the  dollars.” 

Long-time  HP  customer  Doug¬ 
las  Becker,  IT  specialist  for  the 
Pierce  County  government  in 
Tacoma,  Wash.,  also  questions 
HP’s  plans  to  migrate  users  to 
other  platforms. 

“[The  processor]  is  just  another 
of  their  forays  into  new  technolo¬ 
gy  that  may  or  may  not  last  more 
than  two  years,"  Becker  says.  “As 
for  product  overlap  on  the 
HP3000,  it’s  about  as  likely  as  a 
snowball’s  chance  in  a  blast  fur¬ 
nace  that  Pierce  County  would 
move  from  an  HP3000  to  an 
[Itanium]  running  HP-UX.” 

He  might  consider  Dell  or  IBM 
servers,  but  for  now  Pierce 
County  has  one  HP3000  server 
running  the  mpe/iX  operating 
system,  24  ProLiant  Windows- 
based  servers  and  a  few  HP- 
branded  servers. 

Jamie  Gruener,  senior  analyst 
for  The  Yankee  Group,  says  HP  has 
its  work  cut  out  on  this  issue. 

“HP  is  set  on  Itanium  for  at  least 
the  next  12  months,  but  what  has 
to  be  proven  and  what  a  lot  of 
people  are  waiting  for  is  the  value 
proposition  that  supports  cus¬ 
tomers  moving  their  platforms  to 
Itanium,”  Gruener  says.  “The  sup¬ 
porters  of  Itanium  have  to  show 
that  performance  is  better  than 
existing  systems  and  that  the 
migration  to  these  new  platforms 
is  going  to  be  easy”B 
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just  kind  ot  keeping  my  fingers 
crossed  that  it  doesn’t  rain  today. 


IT  guy 


has  time 


to  chat 


Greg  Brown,  33,  seen 

talking  freely  to  co-workers 

after  deploying 
Nokia  Message  Protector 
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Introducing  Nokia  Message  Protector. 


email  system  integrity.  With  the  ability  to 
process  up  to  120,000  emails  per  hour,  and  the 
intelligence  to  control  the  content  that  enters, 
flows  through  and  leaves  your  network,  you 
can  spend  more  time  doing  things  that 
matter  —  like  getting  to  know  your  colleagues! 
If  you’d  like  more  time  to  chat,  visit 
www.nokia.com/get_a_life/americas 

IMOKIA. 

Connecting  People 


Nokia  has  created  a  complete  purpose-built 
appliance  that  integrates  innovative  security 
technologies  including  virus  protection  from 
Trend  Micro™,  with  unique  Nokia  filtering 
software  —  known  as  statistical  protection  — 
to  deliver  new  levels  of  enterprise  email  security. 
Nokia  Message  Protector  deploys  in  minutes  and 
provides  secure,  automatic  updates  to  optimize 
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You're  looking  at  handheld  network  tools  that  will 


WaveRunner m 
Wireless  Tester 


OneTouch m  Series  II 
Network  Assistant 


Inline  Network  Tester 


give  your  staff  superior  vision  into  solving  network 
problems.  They  give  your  team  one  overwhelming 
advantage:  Better  vision  to  spot  problems  quicker  and 
fix  them  faster.  Fluke  Networks  makes  handheld  testers 
for  all  your  staff,  for  every  job.  For  simple  network 
tests,  there's  the  pocket-sized  LinkRunner™.  The  next 
step  up  is  NetTool™  Pro,  the  world's  only  inline  PC  to 
network  tester  for  solving  tough  connectivity  problems. 
And  the  amazing  OneTouch™  -  for  more  insights  into 
switched  networks  than  ever  before.  For  wireless 
networks,  WaveRunner™  speeds  installation  and  securi¬ 
ty  checks.  Bottom  tine:  A  more  productive  staff.  And 
vastly  improved  network  performance.  So  go  to  our 
web  site  now  for  a  virtual  demo  and  see  how  much 
more  SuperVisionary  you  can  be  with  the  right  tools. 


visit  www.flukenetworks.com/techtools. 
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Cisco  AVVID 
Partner  Program 


Partnering 
for  Success 


Stories  from  the  Cisco  AWID 
Partner  Program. 

Cisco  Systems  In  today’s  environment,  cus¬ 
tomers  demand  solutions  to 
their  business  problems. 
Cisco  Systems®  and  Cisco® 
AWID  (Architecture  for 
Voice,  Video  and  Integrated 
Data)  Partners  provide  these  solutions.  Cisco 
AWID  Partners  are  companies  that  foster 
innovation,  drive  industry  standards  and  accel¬ 
erate  the  integration  of  business-critical  tech¬ 
nologies  built  on  the  open-standards-based 
Cisco  AWID  network  infrastructure. 

The  Cisco  AWID  Partner  Program  is  designed 
to  provide  customers  with  tested,  interoperable 
solutions,  enabling  these  leading  product  and 
services  firms  to  deploy  innovative  business 
solutions. 

On  the  next  few  pages,  you  will  find  the  sto¬ 
ries  of  eight  companies  that  speak  to  the  suc¬ 
cess  and  simplicity  of  an  architectural 
approach  to  technology  solutions  and  the 
many  benefits  gained  by  collaborating  with 
Cisco  and  Cisco  AWID  Partners. 
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SECURE' 

COMPUTING 


NEOnet 

Earns  Extra  Credit 

Cisco  and  Secure  Computing  deliver  safe 
Web  browsing  and  speedy  content  delivery. 


EDUCATIONAL  INSTITUTIONS  know  they  have 
to  keep  kids  safe  from  inappropriate  Web  sites  and 
chat  groups,  but  it’s  a  real  challenge  given  that 
their  IT  staffs  are  typically  stretched  to  the  limit. 


The  Northeast  Ohio 
Network  for  Educational 
Technology  (NEOnet)  found 
a  doubly  appealing  solution 
to  the  problem  in  an  inte¬ 
grated  offering  from  Cisco 
Systems  and  Secure 
Computing  Corp.,  a  mem¬ 
ber  of  the  Cisco  AWID 
(Architecture  for  Voice, 
Video  and  Integrated  Data) 
Partner  Program. 

Cuyahoga  Falls,  Ohio- 
based  NEOnet  provides 
computer  services,  includ¬ 
ing  content  filtering,  to  20 
school  districts.  In  addition 
to  the  kids’  well-being,  fund¬ 
ing  is  at  stake  where  filter¬ 
ing  is  concerned  because 
schools  must  meet  strict 
requirements  to  win  federal 
government  dollars. 

NEOnet  has  been  using 
SmartFilter®  from  San  Jose, 
California-based  Secure 
Computing  for  three  years. 
When  it  was  time  to  upgrade 
the  caching  appliance  on 
which  SmartFilter  was  run¬ 
ning,  NEOnet  searched  for  a 
solution  that  could  also  sup¬ 
port  streaming  video  over  its 
Cisco  network.  NEOnet 


learned  that  SmartFilter 
Version  3.0.2  had  passed  the 
Cisco  AWID  Partner 
Program  testing  criteria  for 
interoperability  with  the 
Cisco  Application  and 
Content  Networking  System 
( ACNS)  Software  Version  4. 1 , 
and  that  Cisco  offers 
SmartFilter  pre-installed  on 
the  Cisco  Content  Engine. 
Clearly,  the  fit  was  right. 

NEOnet  Director  Matthew 
Gdovin  says  the  implemen¬ 
tation  was  easy,  in  large  part 
because  engineers  from 
both  Secure  Computing  and 
Cisco  helped  NEOnet  work 
through  questions  and 
issues.  That  came  as  no  sur¬ 
prise  to  Gdovin,  who  says 
Secure  Computings  support 
organization  is  one  of  its 
most  attractive  attributes. 

NEOnet  put  the  combined 
solution  in  place  in  time  for 
the  2002-2003  school  year, 
and  it’s  worked  flawlessly 
from  the  outset.  “When 
you’ve  got  two  vendors  you 
trust,  and  they  offer  some¬ 
thing  like  this  jointly,  it’s 
just  hard  to  pass  it  up," 
Gdovin  says. 


LEARN  MORE  about  the  Content  Networking  solution  Cisco  and 
Secure  Computing  delivered  for  NEOnet. 

Visit:  www.nwfusion.com/go/neonet 


StHERNARD 


Software’ 


Flexible  content  management  solution  enables  franchise  to  meet 
varying  Internet  access  requirements. 


WHAT  WOULD  YOU  DO  if  you  had  to  welcome  bitter  competitors 
to  your  headquarters  eight  times  a  year  or  more,  along  with  a  pha¬ 
lanx  of  media,  and  make  sure  they  enjoyed  the  comforts  of  home? 


Most  likely,  you’d  pay  close  attention 
to  network  access  and  security.  When 
the  New  York  Giants  faced  this  chal¬ 
lenge,  the  team  found  that  Cisco 
Systems  networking  equipment  and  a 
St.  Bernard  Software  iPrism®  filtering 
appliance  provided  the  light  combina¬ 
tion  of  security  and  access. 

The  Giants  host  eight  regular-season 
games  each  year  at  Giants  Stadium  in 
East  Rutherford,  New  Jersey,  and  must 
provide  Internet  access  for  visitors  and 
reporters.  Moreover,  a  significant  por¬ 
tion  of  the  organization  is  on  the  road  for 
a  month  and  a  half  for  training  camp 
and  at  least  eight  weekends  per  year,  so 
remote  access  to  critical  data  is  a  must. 

Last  year,  the  Giants’  IT  organization, 
led  by  Director  of  Computer  Sendees  Jon 
Berger,  decided  the  team’s  network  was 
due  for  an  upgrade.  “Because  our  net¬ 
work  had  grown  piece  by  piece,  as  in  so 
many  companies,  there  wasn’t  a  lot  of 
homogeneous  design,”  says  Justin 
Warren,  a  technical  support 
specialist.  The  Giants 
decided  to  upgrade  to  a  — ^ 
switched  network  and  £ 
quickly  settled  on 
Cisco  as  its  provider. 

A  state-of-the-art  VPN 
was  a  key  component  of 
last  year’s  Giants 
Stadium  network 
upgrade.  \ 


The  team  wanted  a  more  reliable, 
robust  virtual  private  network  that  it 
could  use  on  the  road.  Parts  of  the  net¬ 
work  had  to  be  segmented,  and  high- 
quality  streaming  video  to  the  desktop 
was  a  must.  The  Giants  and  Cisco  settled 
on  a  design  anchored  by  a  Cisco 
Catalyst®  6500  Series  Switch  and  two 
redundant  Cisco  PIX®  firewalls. 

One  crucial  component  in  this  massive 
upgrade  was  Internet  access  manage¬ 
ment.  The  Giants  have  several  categories 
of  users:  stadium-based  employees, 
remote  employees,  visiting  team  person¬ 
nel  and  media.  The  organization  had 
decided  to  block  certain  categories  of 
URLs,  but  beyond  that,  it  needed  a  flexi¬ 
ble  system  because  each  group  of  users 
requires  access  to  different  types  of  sites. 

The  Giants  selected  iPrism,  the 
Internet  access  management  solution 
from  San  Diego,  California-based  St. 


Bernard  Software.  "For  starters,  it’s 
incredibly  easy  to  set  up,”  Warren  says. 
"We  had  it  out  of  the  box  and  running 
in  10  minutes.” 

St.  Bernard’s  iPrism  is  a  self- 
contained  hardware  appliance  with  60 
preset  and  eight  customizable  content 
categories.  “We  simply  checked  off  the 
categories  we  wanted  blocked," 
Warren  says. 

The  team  could  easily  turn  off  report¬ 
ing  to  reassure  its  users  that  nobody 
was  checking  up  on  their  Web  brows¬ 
ing,  an  advantage  of  iPrism. 

In  addition,  St.  Bernard  is  a  member 
of  the  Cisco  AWID  (Architecture  for 
Voice,  Video  and  Integrated  Data) 
Partner  Program,  and  iPrism  Version 
3.3  has  been  tested  and  passed  strict  cri¬ 
teria  set  by  Cisco  for  interoperability 
with  the  Cisco  PIX  500  Series  Firewall 
at  the  core  of  the  Giants’  network.  Cisco 
AWID  is  a  standards-based  network 
architecture  that  makes  it  easy  to  add 
new  components  as  needed. 

Not  every  enteiprise  is  as  glamorous  as 

an  NFL  franchise,  but  today,  nearly 

every  enteiprise  has  the  same  need 

for  a  versatile,  secure  net- 

gj^t-^^vvork  and  fail-safe 

■.-» Internet  access 
1 1  ^ 

S&Y 


control. 


LEARN  MORE  about  the  Security  and  VPN  solution  Cisco  and  St.  Bernard  delivered  for  the 
New  York  Giants  Visit:  www.nwfusion.com/go/nygiants 
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TT  SECURITY  AND  VPN 


NFL’s  Giants  Score 

with  Cisco  and  St.  Bernard 


Using  IP  to  Shrink  Distances 

Australian  agency  cuts  costs  and  improves  communications  with  IP  videoconferencing. 


AUSTRALIA  IS  A  VAST  NATION  with  a  widely  scattered  populace. 
This  creates  challenges  for  government  IT  organizations  seeking  to 
improve  services  while  staying  within  budget. 

In  the  state  of  Victoria,  the  Department  of  Natural  Resources  and 
Environment  (DNRE)  has  more  than  100  offices.  In  a  bid  to  reduce 
travel  costs  and  increase  employee  safety  while  improving  commu¬ 
nications,  the  department  recently  investigated  videoconferencing. 


“Videoconferencing  provided  the 
opportunity  to  collaborate  effectively 
and  significantly  reduce  our  travel,”  says 
Andrew  Paynter,  project  manager  at  the 
Victoria  DNRE.  "But  ISDN  videoconfer¬ 
encing  was  cost-prohibitive  for  us.” 

The  department  elected  to  run  video- 
conferencing  over  its  recently  created  IP 
network,  based  on  Cisco  AWID 
(Architecture  for  Voice,  Video  and 
Integrated  Data).  At  its  core,  the  network 
uses  Cisco  Catalyst  6509  switches  at 
three  sites  in  a  redundant  array  on  a  met¬ 
ropolitan  dark  fiber  network.  Routing  is 
handled  by  load-balancing  Cisco  7206 
routers.  At  headquarters,  a  Cisco  IP/VC 
3540  Multipoint  Control  Unit  (MCU) 
handles  voice  and  video  bridging. 

The  department  selected  TAND- 
BERG’s  videoconferencing  and  collab¬ 
orative  communications  solu¬ 
tion.  Headquartered  in  Oslo,  Norway, 
and  New  York,  TANDBERG  is  a  global 
supplier  of  collaborative  communica¬ 
tions  solutions.  The  company’s 
Architecture  for  the  Collaborative- 
Communications  Enterprise  (ACE) 
embraces  open  standards  and  lets 
enterprises  take  advantage  of  existing 
network  infrastructure — exactly  what 
the  DNRE  needed. 

What  sealed  the  deal  was  the  fact  that 
TANDBERG  is  a  member  of  the  Cisco 
AVVID  Partner  Program,  and  the 
TANDBERG  1000,  2500  and  6000 


Videoconferencing  Systems  Release 
B6.1/E1.1  have  been  tested  by  a  third 
party  and  have  met  the  Cisco  AWID 
Partner  Program  criteria  for  interoper¬ 
ability  with  the  Cisco  IP/VC  3540  MCU 


for  on-demand  viewing  through  the 
Cisco  Content  Delivery  Networks  solu¬ 
tion,  which  provides  integrated 
caching  and  content  delivery  services 
in  a  single  system. 

According  to  Paynter,  Cisco  provides  a 
fully  converged  network  that’s  scalable, 
redundant  and  cost-effective.  Mean¬ 
while,  TANDBERG  offers  easy-to-use, 
standards-based  videoconferencing  at 
broadcast-television  quality — and  it 
fully  integrates  with  the  Cisco  network 
right  out  of  the  box. 

In  2002,  the  Cisco  and  TANDBERG 
solution  reduced  travel  costs  bv  $3  mil- 
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Victoria's  Department  of  Natural  Resources  and  Environment  is  saving  some  $8  million 
in  travel,  training  and  telecom  costs  with  an  IP  video  network  built  on  top  of  a  Cisco 
AVVID  infrastructure  that  enabled  it  to  seamlessly  integrate  TANDBERG  IP  video- 
conferencing  equipment  at  more  than  100  sites. 


Version  1 .0.  “We’re  interoperable.  With 
Cisco’s  market  leadership  and  impecca¬ 
ble  service,  that’s  really  persuasive  for 
IT,”  says  Andrew  Miller,  TANDBERG’s 
CEO  and  vice-chairman. 

The  system  supports  both  point-to- 
point  and  multipoint  IP  videoconfer¬ 
encing.  Sessions  can  be  recorded,  digi¬ 
tized  and  distributed  to  remote  sites 


LEARN  MORE  about  the  IP  Videoconferencing  solution  Cisco  and  TANDBERG  delivered  for  the 
Victoria  DNRE  Uisit:  www.nwfusion.com/go/victoria 


lion,  telecom  costs  by  more  than  $4  mil¬ 
lion  and  training  costs  by  $  1 .5  million — 
and  that  last  number  is  expected  to  rise 
dramatically  this  year  as  usage  grows. 
The  agency  has  also  found  that  by  intro¬ 
ducing  intelligence  into  its  network  and 
using  the  capabilities  offered  by  con¬ 
tent-sensitive  switching,  routing  and 
content  delivery,  it  has  improved  the 
performance  of  its  mission-critical 
applications  and  WAN.  It  all  adds  up  to 
a  very  rapid  return  on  investment  and 
fewer  plane  rides. 
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Century-old  construction  firm  uses 
firew’all  combined  with  filtering  software 
to  keep  content  appropriate  for  business. 


HAVING  BEEN  IN  THE  CONSTRUCTION 
BUSINESS  for  more  than  100  years,  Lockerbie 
&  Hole  certainly  knows  how  to  build  things — 
including  leading-edge  networks.  But  in  the  mid¬ 
dle  of  the  year  2000,  when  the  Edmonton, 
Alberta-based  company  wanted  to  upgrade  from 
a  frame  relay  network  to  an  IP  network  to  posi¬ 
tion  itself  for  business  in  the  new  century,  it  faced 
a  couple  of  distinctly  21st  century  challenges. 

One  challenge  was  providing  security 
for  its  new  network,  which  would  use 
the  public  Internet  to  save  on  phone 
costs.  The  other  was  filtering  the  Web 
sites  its  employees  accessed.  Corporate 
management  wanted  to  boost  productiv¬ 
ity  by  limiting  the  number  and  types  of 
Web  sites  employees  could  browse,  so 
installing  an  Internet  filter  became  an 
important  part  of  the  network  upgrade. 

Lockerbie’s  frame  relay  network  was 
based  on  equipment  from  Cisco 
Systems.  So  when  a  representative  from 
Telus  Communications,  Lockerbie’s 
local  phone  company,  suggested  the 
company  base  its  new  network  on  Cisco 
AWID  (Architecture  for  Voice,  Video 
and  Integrated  Data),  Lockerbie  readily 
agreed.  The  new  IP  network  uses  seven 
Cisco  3600  Series  routers  and  several 
Cisco  Catalyst  switches:  six  3548  XLs, 
two  2924  XLs  and  one  2912  XL.  Telus,  a 
Cisco  Gold  partner,  also  recommended  a 
Cisco  PIX  5 1 5  Firewall  to  secure  the  net¬ 
work  from  intruders. 

The  next  step  was  to  choose  the  Internet 
filtering  solution.  Lockerbie’s  reseller, 


Sheldon  Guenther  used  tools 
solution  that  keeps  Lockerbie 


MicroAge,  recommended  the  company 
try  Sentian™,  enterprise-level  Internet  fil¬ 
tering  software  from  N2H2,  Inc.,  of 
Seattle,  Washington.  Because  Sentian 
Version  1.0  had  met  the  interoperability 
testing  criteria  set  by  the  Cisco  AWID 
Partner  Program  with  the  Cisco  PIX  5 1 5 
Firewall,  it  seemed  a  good  choice. 

"After  downloading  the  trial,  it  was 
installed  and  running  in  about  10  min¬ 
utes.  We  could  see  immediately  it  was 
exactly  what  we  needed,”  says  Sheldon 
Guenther,  network  analyst  for 
Lockerbie  &  Hole.  Company  managers 
are  most  interested  in  statistics  such  as 
top  Internet  sites  viewed  and  percent¬ 
age  of  sites  blocked.  Administrators  can 
also  search  by  user  name,  IP  address 
and  time  of  day.  "We  can  give  our  man¬ 
agers  just  what  they  need  to  confront 
people  over  inappropriate  Internet 
usage,”  Guenther  says. 

Applying  filtering  to  the  network  is 
likewise  a  snap  using  the  wizard  provid¬ 
ed  in  the  Cisco  PIX  Device  Manager. 
The  N2H2  Administration  module 
allows  the  systems  administrator  to 


LEARN  MORE  about  the  Security  and  VPN  solution  Cisco  and  N2H2  delivered  for  Lockerbie 
Si  Hole  Visit:  www.nwfusion.com/go/lockerbie 


from  Cisco  and  N2H2  to  construct  a  filtering 
S  Hole's  Web  surfers  focused  on  business. 

simply  select  a  group  or  individual  user 
from  those  defined  in  the  Windows 
Active  Directory  Controller,  then  assign 
categories  of  Web  sites  that  should  be 
filtered  for  that  user  or  group.  N2H2 
maintains  lists  of  sites  that  belong  in 
each  category,  based  on  its  own 
research  and  feedback  from  its  users, 
and  Lockerbie  downloads  updates  daily. 

All  Web  traffic  going  through  the  PIX 
Firewall  gets  forwarded  through 
Sentian,  but  neither  remote  nor  in- 
house  users  have  seen  a  reduction  in 
access  speed,  Guenther  says. 

The  implementation  was  extremely 
smooth.  N2H2  worked  closely  with  the 
in-house  project  team  to  ensure  the  fil¬ 
tering  installation  would  be  transpar¬ 
ent  to  Lockerbie  users,  while  Telus 
headed  up  the  Cisco  PIX  Firewall  and 
network  installation. 

Lockerbie  &  Hole  now  has  a  network 
that  matches  its  venerable  reputation. 
“It’s  so  much  faster  and  cheaper  than 
the  old  frame  relay  network,”  Guenther 
says.  As  for  the  Sentian  filter,  the  payoff 
is  increased  productivity.  Guenther 
can’t  prove  employees  aren’t  wasting 
time  chatting  around  the  water  cooler, 
but  he  is  sure  they  aren’t  browsing  inap¬ 
propriate  Web  sites. 
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•  Work  Smarter. 


Proving  the  Quality  of  IP  Telephony 

NetlQ’s  Vivinet ™  Management  Suite  helps  Sprint  assure  its  customers  that  IP  telephony 
doesn’t  mean  sacrificing  voice  quality. 


NEAR  THE  END  OF  2001 ,  with  organizations  large  and  small  inter¬ 
ested  in  IP  telephony  to  reduce  network  costs  and  complexity, 
Sprint  Corp.  sensed  the  time  was  right  to  offer  an  IP  telephony  man¬ 
aged  network  service  (MNS). 


But  one  of  its  concerns  was  assuring 
customers  they  could  migrate  to  IP 
telephony  without  sacrificing  the  voice 
quality  provided  by  the  public  switched 
telephone  network  (PSTN). 

Sprint  knew  that  one  version  of  its 
new  offering  would  be  based  on  Cisco 
Systems  IP  Communications  solutions. 
So,  before  rolling  out  its  SprintIP  Voice 
Services  MNS  offering,  Sprint  needed 
to  find  a  network  management  plat¬ 
form  that  was  not  only  integrated  with 
Cisco  IP  Communications  solutions 
such  as  IP  telephony,  but  would  also 
work  with  all  the  existing  network 
infrastructure  that  Sprint — and  its  cus¬ 
tomers — had  in  place. 

"We  had  to  make  sure  the  manage¬ 
ment  platform  would  integrate  easily 
with  the  current  management  software 
out  there.  This  is  critical  when  you  have 
an  IP  telephony  solution,”  says  Barbara 
Schauperl,  senior  manager,  Sprint 
Managed  Network  and  Professional 
Services  Product  Management  group  in 
Kansas  City,  Missouri. 

After  casting  a  wide  net  for  available 
network  management  technology. 
Sprint  zeroed  in  on  NetlQ  Corp.  of  San 
Jose,  California.  NetlQ  offers  several 
voice  and  video  management  packages, 
including  Vivinet  Manager  Suite,  which 
handles  day-to-day  network  monitoring 
and  management,  and  Vivinet  Assessor, 
which  assesses  the  networks  readiness 
for  IP  telephony  prior  to  deployment. 

NetlQ  s  Vivinet  Manager  2.1  has  been 


tested  with  Cisco  CallManager  3.1(1)- 
MCS  through  3.1(4b)-MCS  and  Cisco 
Unity™  3.0(2)  through  4.0,  in  accor¬ 
dance  with  interoperability  criteria  set 
by  the  Cisco  AWID  (Architecture  for 
Voice,  Video  and  Integrated  Data) 
Partner  Program,  making  it  easy  to 
deploy  with  Cisco  IP  telephony  prod¬ 
ucts.  That  was  significant  to  Schauperl. 


soon  thereafter.  Sprint  rolled  out  the 
product  internally  around  mid-vear  and 
launched  SprintIP  IP  Voice  Services 
MNS  in  October  of  2002 — an  impres¬ 
sive  turnaround  for  a  major  new  service 
offering.  "Speed  and  time  to  market  are 
always  a  priority,”  Schauperl  says. 

Representatives  from  Cisco  and  NetlQ 
joined  Sprint  staffers  on  the  project 
team,  which  was  headed  by  a  project 
manager  from  Sprint.  “We  really  felt  like 
we  were  a  team  throughout  the  whole 
process.  Cisco  and  NetlQ  were  very 
quick  to  respond,”  Schauperl  says.  "We 
have  received  continued  support  from 
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NetlQ  Vivinet  Manager  uses  software-based  agents 
installed  on  the  Sprint  customer's  Cisco  CallManager  or  Cisco  Unity 
call  server  to  collect  performance  data.  The  data  is  fed  through  the 
corporate  firewall  back  to  a  central  monitor,  enabling  the  Sprint  operator 
to  monitor  all  events  and  take  action  to  resolve  problems. 
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“Cisco  is  very  proactive — they  introduce 
the  service  solution  right  along  with  the 
new  box.  We’re  in  the  business,  so  we 
can  appreciate  that,”  she  says.  "For  me, 
it’s  all  about  the  total  solution  we’re  pro¬ 
viding  the  customer.” 

In  the  first  quarter  of  2002,  Sprint 
decided  to  implement  NetlQ  Vivinet 
Manager  and  completed  a  beta  test 


LEARN  MORE  about  the  IP  Telephony  solution  Cisco  and  NetlQ  delivered  for  Sprint. 

Visit:  www.nwfusion.com/go/sprint 


NetlQ  and  Cisco,  and  have  had  virtually 
no  problems  with  the  implementation.” 

Schauperl  is  most  pleased  about 
Sprint  being  able  to  take  advantage  of 
the  increasing  interest  in  IP  communi¬ 
cations  network  services  while  provid¬ 
ing  the  network  management  and  mon¬ 
itoring  services  through  Vivinet 
Manager  that  help  customers  operate 
their  businesses.  "Were  meeting  the 
customers’  need  for  a  total  service  solu¬ 
tion,”  she  says.  "That’s  the  most  impor¬ 
tant  thing  to  us.” 


Advertising  supplement 


DataVoice 

Necessity  Breeds  Invention 

Cisco  partners  IP  voice  recording  solution  saves  the  day  in  Jacksonville,  North  Carolina. 


IN  THE  YEAR  2000,  the  City  of  Jacksonville  had  no  IT  infrastructure 
to  speak  of — no  citywide  network,  no  e-mail  system  and  an  aging 
phone  system.  Calls  in  to  the  police  station  were  recorded,  as  required 
by  federal  law,  on  an  aging  tape-driven  system  from  Dictaphone  Corp. 


Midway  through  2001,  the 
Jacksonville  City  Council  decided  it 
was  time  to  install  a  state-of-the-art 
network.  It  hired  a  new  director  of  IT, 
Earl  Bunting,  who  quickly  began  the 
task,  ultimately  signing  a  contract  with 
Sprint  Corp.  to  install  an  IP  telephony 
network  based  on  Cisco  Systems  IP 
Communications  solutions. 

The  deployment  went  well  until  the 
project  team  discovered  the  phone¬ 
recording  system  wouldn’t  work  with 
IP  telephony.  Bunting  considered  halt¬ 
ing  the  deployment,  but  then 


Dictaphone  and  its  new  partner, 
Spescom  DataVoice  Ltd.,  proposed  a 
solution.  Spescom s  DataVoice  Nexus 
Version  2.2  had  been  tested  in  accor¬ 
dance  with  interoperability  criteria  set 
by  Cisco  in  the  Cisco  AWID 
(Architecture  for  Voice,  Video  and 
Integrated  Data)  Partner  Program  for 
use  with  Cisco  CallManager  Version 
3.1(3)-MCS,  making  it  easy  to  deploy. 

Representatives  from  Spescom 
DataVoice  traveled  from  their  South 
Af  rican  headquarters  to  join  colleagues 
from  Sprint,  Cisco  and  Dictaphone  at 
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Integrity  and  the  VPN  made  for  easier 
installation  and  maintenance. 

With  the  involvement  of  Cisco  and 
Zone  Labs,  the  Integrity  implementa¬ 
tion  was  straightforward.  It  took  about 
half  a  day  for  the  project  team  to  get 
the  first  client  up  and  running  with  the 
system,  and  the  remainder  of  the  800 
mobile  users’  PCs  were  configured 
remotely,  significantly  speeding  the 
installation.  For  Scott  Olson,  senior 
WAN  technical  analyst  for  Donaldson, 
the  relationship  between  Cisco  and 
Zone  Labs  was  a  major  selling  point. 

"There  was  a  lot  of  cooperation 
between  the  vendors.  That  really 
helped  tie  things  together,”  says  Olson. 
"Now  we  only  allow  known,  good 
applications  to  communicate  over  the 
network.” 


City  Hall  in  Jacksonville  to  plan  the 
installation.  They  arrived  on  a  Thursday. 
“By  Tuesday,  we  were  up  and  running 
for  the  first  test,”  Bunting  says. 

Today,  the  City  of  Jacksonville  and 
Bunting  are  thrilled  with  the  recording 
system  and  the  Cisco  IP  Communica¬ 
tions  solution,  with  tools  including  e-mail 
and  a  first-class  Cisco  Unity  unified  mes¬ 
saging  system.  "The  city  employees  are 
very  happy  with  what  they  have.  It  has 
really  increased  productivity,”  he  says. 
The  $6,000  per  month  the  city  now  saves 
on  its  phone  bill  doesn’t  hurt,  either. 


LEARN  MORE  about  the  IT  Telephony  solu¬ 
tion  Cisco  and  Spescom  DataVoice  deliv¬ 
ered  for  the  City  of  Jacksonville,  N.C. 

Visit:  www.nwfusion.com/go/jacksonuille 


LEARN  MORE  about  the  Security  and  VPN 
solution  Cisco  and  Zone  Labs  delivered  for 
Donaldson  Co. 

Visit:  www.nwfusion.com/go/donaldson 
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Remote  Control 


Cisco  Systems  and  Zone  Labs  team  up  to  help  Donaldson 

ensure  its  remote  PCs  meet  corporate  security  standards. 

DONALDSON  COMPANY,  INC.,  a  $1.1  billion  manufacturer  of  fil¬ 
tration  systems  and  replacement  parts,  needed  a  way  to  ensure  that 
remote  PCs  met  corporate  security  standards  before  they  were 
allowed  to  access  the  network. 


The  company  installed  a  Cisco  VPN 
3000  Series  Concentrator  to  protect  the 
remote  transfer  of  data,  but  it  needed  a 
way  to  also  ensure  the  physical  integri¬ 
ty  of  the  remote  PCs. 

Donaldson  decided  to  install  the 
Integrity  enterprise  security  solution 
from  Zone  Labs  to  enforce  up-to-date 
security  policies  for  about  800  remote 
PCs.  Zone  Labs  Integrity™  Version  1.5 
meets  the  interoperability  test  criteria 
set  by  the  Cisco  AWID  (Architecture 
for  Voice,  Video  and  Integrated  Data) 


Partner  Program  and  has  been  tested 
with  the  Cisco  VPN  3000  Series 
Concentrator  Software  Version  3.5.1. 
When  these  products  are  used  together, 
the  Zone  Labs  Cooperative  Enforce¬ 
ment™  technology  ensures  that  remote 
PCs  adhere  to  corporate  network  secu¬ 
rity  standards,  such  as  the  presence  of 
up-to-date  virus  definitions  and  the 
absence  of  file-sharing  services.  If  the 
PCs  are  in  compliance,  Integrity  allows 
them  to  connect  to  the  network  using 
the  Cisco  VPN.  Integration  between 
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IT’S  AN  UNDERSTATEMENT  to  call  International  Tmck  and  Engine 
Corporation  a  far-flung  enterprise.  The  company  has  a  network  that 
spans  North  and  South  America,  with  15,400  employees  and  9,000  PCs. 


LEARN  MORE  about  the  Content  Networking 
solution  Cisco  and  Websense  delivered  for 
International  Truck  and  Engine. 

Visit:  www.nwfusion.com/go/truck 


As  Regina  Goeing,  International  Truck 
and  Engines  manager  of  network  admin¬ 
istration,  puts  it,  "That’s  9,000  opportuni¬ 
ties  to  surf  the  ‘Net.”  Small  wonder,  then, 
that  the  manufacturing  giant  needed  an 
industrial-strength  employee  Internet 
management  (EIM)  solution. 

To  filter  content,  International  Tmck 
and  Engine  more  than  three  years  ago 
turned  to  Websense,  Inc.,  based  in  San 
Diego,  California.  The  software  compa¬ 
ny’s  Websense  Enterprise®  EIM  solution 
"lets  us  improve  employee  productivity, 
keep  our  bandwidth  for  business  uses 
and  protect  ourselves  from  the  liabilities 
of  the  Internet,”  Goeing  says. 

While  International  Tmck  and  Engine’s 
IT  group  achieved  great  success  with 
Websense  Enterprise,  there  was  one 
deployment  issue:  due  to  the  distributed 
nature  of  its  network,  the  company  had 
to  deploy  Websense  across  many  differ¬ 
ent  devices,  including  its  firewalls.  That 
conflicted  with  Goeing’s  goal  of  improv¬ 
ing  efficiency  by  “getting  everything  off 
the  firewall  except  the  firewall.” 


When  the  IT  group  was  researching 
caching  solutions  to  help  alleviate 
deployment  issues,  it  learned  that 
Websense  Enterprise  Version  4  had 
passed  the  Cisco  AWID  (Architecture  for 
Voice,  Video  and  Integrated  Data)  inter¬ 
operability  testing  criteria  with  the  Cisco 
Content  Engine  500  Series — a  natural  fit 
with  the  company’s  network,  which  is 
predominantly  Cisco  equipment.  "The 
fact  that  Websense  was  interoperable 
with  Cisco  firewalls  and  content  devices 
was  a  real  plus,”  Goeing  says. 

A  Cisco  Content  Engine  working  with 
Websense  Enteiprise  makes  it  easy  for  IT 
staffers  to  maintain,  too.  Much  of  the 
credit  goes  to  the  Cisco  Web  Cache 
Communication  Protocol,  which  allows 
the  Cisco  cache  engines  to  localize  Web 
traffic  patterns  in  the  network  and 
dynamically  direct  HTTP  strings  to  the 
most  appropriate  content  engine.  The 
combination  of  Cisco  and  Websense  dra¬ 
matically  reduces  WAN  bandwidth  con¬ 
sumption  and  improves  end  user  pro¬ 
ductivity — a  powerful  one-two  punch. 


Meet  the  interoperability  challenge: 

Look  for  the  Cisco  Compatible  logo 
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Products  and  services 
carrying  the  Cisco 
Compatible  logo  have 
been  tested  for 
interoperability  with 
one  or  more  Cisco 
products  — so  you  can 
install  with  confidence. 
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The  Cisco  Compatible  Logo  indicates  that  a  company's  product,  technology,  or 
service  has  undergone  interoperability  testing  by  the  company  together  with  Cisco 
®  and/or  a  third-party  test  house  based  on  testing  criteria  set  by  Cisco. 
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■  TCP/IP,  LAN/WAN  SWITCHES 

■  ROUTERS  ■  HUBS 

■  ACCESS  DEVICES  ■  CLIENTS 

■  SERVERS  ■  OPERATING  SYSTEMS 

■  VPNS  ■  NETWORKED  STORAGE 


Gauging  the  network  effect  of  grids 


■  BY  CAROLYN  DUFFY  MARSAN 

As  more  companies  pilot  grid-based 
applications,  the  question  for  network 
executives  is  what  effect  grid  computing 
will  have  on  the  design  and  performance 
of  their  infrastructures. 

Initially;  the  answer  appears  to  be  none. 
That’s  because  most  companies  are  being 
driven  to  grid  computing  by  a  desire  to 
increase  utilization  of  their  LANs  and 
WANs.  But  long  term,  the  trend  toward  dis¬ 
tributed  processing  of  compute-intensive 


Takes 


and  data-intensive  applications  might 
result  in  the  need  for  more  redundant  net¬ 
work  designs,  smarter  middleware  and 
high-availability  network  services. 

“Typicallyyou  don’t  need  to  make  signif¬ 
icant  modifications  to  your  network  infra¬ 
structure  to  make  it  work  with  grid  com¬ 
puting,”  says  Peter  Jeffcock,  group  market¬ 
ing  manager  for  grid  computing  at  Sun. 
“The  primary  change  in  adding  a  grid  is  in 
increased  utilization  and  the  number  of 
systems  connected.” 

But  as  network  utilization  rises,  compa¬ 
nies  might  need  to  upgrade  bandwidth  or 
storage,  Jeffcock  says. 

“You  may  need  to  make  some  changes  if 
your  environment  goes  from  running  at 
20%  capacity  to  80%  capacity  because  if 
you  have  a  failure  you’ll  start  to  lose  sig¬ 


nificant  functionality  he  says.  “You  might 
need  to  rearchitect  parts  of  the  network 
around  potential  failure  points.” 

Most  companies  testing  grid  applica¬ 
tions  today  are  trying  to  increase  use  of 
their  existing  networks,  particularly  100M 
bit/sec  or  1G  bit/sec  Ethernet  LANs 
installed  in  the  late  1990s.  Many  compa¬ 
nies  also  have  T-3  or  higher  WAN  connec¬ 
tions  that  were  built  for  peak  loads  but 
experience  significant  excess  capacity 

By  distributing  key  applications  across  a 
LAN  or  WAN  grid,  network  managers  can 
increase  the  speed  at  which  processing  is 
done  or  the  size  of  the  data  set  that  is 
processed  without  having  to  purchase 
additional  hardware  or  software. 

“Over  the  past  10  years,  companies  have 
spent  an  enormous  amount  of  money 


buying  networks  and  computers,  and 
most  of  the  time  they  are  just  space 
heaters,”  says  Wade  Hennessey,  CTO  and 
vice  president  of  engineering  at  Kontiki,a 
video-transmission  software  company 
that  recently  introduced  its  first  grid  prod¬ 
uct.  “Companies  are  not  spending  tons  of 
money  on  hardware  anymore.  They’re 
looking  for  something  they  can  use  with 
what  they’ve  already  bought.” 

Most  corporate  grids  run  across 
intranets,  while  Internet-based  grids  are 
popular  with  the  academic  community 
many  companies  are  testing  grids  initially 
on  LANs  in  a  particular  location  and 
spreading  them  out  across  their  WANs. 

As  companies  gain  more  experience 
with  grids,  they  are  finding  that  they  might 

See  Grid,  page  26 


■  Ingate  Systems  and  Quick  Eagle 

have  assembled  a  package  for  cus¬ 
tomers  looking  to  connect  a  branch 
or  telecommuter  office  to  a  VPN  and 
protect  it  with  a  firewall.  The  deal 
pairs  a  55M  bit/sec  Ingate  Firewall 
1200,  which  has  VPN  capabilities, 
with  a  Quick  Eagle  4231  access 
router.  The  firewall  supports  Session 
Initiation  Protocol,  which  makes  it 
simpler  to  set  up  the  firewall  to  allow 
SIP-based  IP  phone  calls  and  video- 
conferencing.  The  router  has  oneT-1 
port  for  connecting  to  the  WAN.  The 
list  price  of  the  bundle  is  $1,900. 

■  Allot  Communications  will  unveil 
a  new  quality-of-service  appliance  at 
NetWorld+ Interop  it  says  will  make  it 
possible  for  corporate  users  to  boost 
application  performance  over  multi¬ 
ple  WAN  links.  The  NetEnforcer 
AC-802  device  doubles  the  through¬ 
put  of  the  company’s  former  top- 
shelf,  QoS  appliance,  the  AC-701,  to 
310M  bit/sec,  making  it  suitable  for 
the  largest  companies.  The  gear  sits 
between  the  WAN  router  and  the 
LAN,  and  enforces  QoS  rules  on  traf¬ 
fic.  It  can  monitor  traffic  at  any  net¬ 
work  layer  and  report  on  top  users, 
bandwidth  utilized,  bandwidth  con¬ 
sumed  per  application  and  sites  visit¬ 
ed  by  Web  browsers,  among  other 
metrics.  AC -802  will  be  available  in 
May.  It  costs  $40,000  to  $50,000, 
depending  on  model. 


Unisys  to  release  data  center  server 


■  BY  TOM  KRAZIT 

Unisys  will  try  to  convince  IT  managers 
to  consolidate  multiple  servers  into  its 
new  ES7000/560  server  when  the  product 
launches  in  June. 

Introduced  last  week,  the  ES7000/560 
combines  three  data  center  functions  into 
one  machine,  says  Mark  Feverston,  vice 
president  for  enterprise  server  marketing 
at  Unisys.The  server  features  up  to  32 
Xeon  MP  processors  and  up  to  32  Itanium 
2  processors  to  handle  both  32-bit  appli¬ 
cation  serving  and  64-bit  databases,  and 
blade  servers  for  Web  infrastructure 
management. 

Customers  can  manage  their  Web  infra¬ 
structure  with  the  ability  to  add  up  to  42 
PCI  blade  servers,  Feverston  says.  The 
package  comes  with  Unisys’  Server  Sen¬ 
tinel  management  software  to  help  make 
enterprise  data  server  environments  easy 
to  manage. 

“[Customers]  will  have  the  ability  to 
manipulate  and  add  the  right  processing 
resources  at  the  right  moment.  You  don’t 
have  to  buy  an  infrastructure  for  only  one 
function,”  he  says. 

However,  consolidation  is  a  tricky 
undertaking,  says  John  Enck,  a  vice  pres¬ 
ident  with  Gartner.“There  are  no  easy  an¬ 
swers  to  consolidation.  This  is  a  partial 
answer,  for  certain  types  of  applications,” 
he  says. 

For  example,  the  Windows  operating  sys- 


Unisys'  ES7000/560  can  run  blade  servers, 
32-bit  applications  and  64-bit  databases,  the 
company  says. 


tern  does  not  lend  itself  to  running  multi¬ 
ple  applications,  Enck  says.  The 
ES7000/560  lets  the  user  partition  the  ser¬ 
ver,  so  multiple  copies  of  the  operating 
system  can  be  used,  but  those  multiple 
software  images  don’t  help  an  IT  manager 
consolidate  his  environment,  he  says. 

The  new  server  lets  data  center  man¬ 
agers  consolidate  the  physical  area  that 
multiple  servers  take  up,  which  can  come 
as  quite  a  relief  to  companies  trying  to 
save  space,  Enck  says. 


The  dual  Xeon/Itanium  construction  is 
unique  among  the  major  server  vendors, 
Enck  says.  But  the  ability  to  add  the 
blades  right  into  the  server  housing, 
rather  than  having  to  build  a  rack  for  their 
storage,  will  be  more  attractive  to  buyers 
than  the  ability  to  run  32-bit  and  64-bit 
applications  next  to  each  other,  he  says.’T 
just  haven’t  seen  a  lot  of  interest  in  Itan¬ 
ium,”  he  says. 

Unisys  expects  that  small  or  midsize  busi¬ 
nesses  will  use  the  new  server  to  run  their 
IT  infrastructures,  or  that  larger  enterprise 
customers  will  purchase  two  or  three, 
Feverston  says.  A  base  configuration  of  the 
server  with  16  of  Intel’s  2.0GHz  Xeon  MP 
processors  and  eight  Itanium  2  processors 
costs  $250,000. 

Along  with  the  base  configuration, users 
can  choose  different  “starter  kit”  assort¬ 
ments  of  blade  servers  based  on  their 
companies’  needs,  such  as  load  balanc¬ 
ing,  DNS  management  and  others.  The 
server  is  scheduled  to  be  available 
in  June. 

Companies  without  a  history  of  data 
center  expertise  will  be  interested  in  the 
ES7000/560,  Enck  says.  The  services  and 
support  that  Unisys  provides  with  the  ser¬ 
ver  will  make  it  easier  for  companies  to 
get  an  enterprise-class  data  center  up  and 
running,  he  says. 

Krcizit  is  a  correspondent  with  the  IDG 
News  Service's  Boston  bureau. 
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Ohio  State  adapts  course  content  for  PDAs 


Lectures  in  the  Palm  in  your  hand 

Medical  students  on  field  assignments  around  the  state  were  cut  off  from  Web-based 
courseware.  Palm  PDAs,  memory  cards  and  reformatted  content  now  give  them  a 
classroom  in  their  hands. 


O  Power  Point  files,  images  and  ©  Using  PDF  template  and  PC,  Dies  ©  Courseware  is  transferred  from  Web  server  to  Secure 
text  are  collected  on  a  server.  reformatted  for  a  Palm  display  screen.  Digital  card  or  is  accessed  via  PDA  synchronization. 


■  BY  JOHN  COX 

Medical  students  at 
The  Ohio  State 
University  in  Colum¬ 
bus  are  no  longer  tethered 
to  their  desks,  thanks  to  an 
$8,000  project  that  lets  them 
carry  a  key  application  with 
them  on  hospital  floors. 

Using  plug-in  memory 
cards,  a  group  of  medical 
students  now  has  instant 
access  to  a  set  of  11  text- 
and-image  teaching  mod¬ 
ules.  The  students  now  can 
carry  the  modules  on  Palm 
Tungstens  and  m505  or 
m515  PDAs.  The  modules  consist  of 
Power  Point  slides  and  medical  images 
that  formerly  were  accessible  only  via 
PCs  reading  CD-ROMs  or  accessing  a 
Web  server. 

The  documents  were  redesigned  spec¬ 
ifically  for  the  Palm  displays, says  Robert 
McKenney,  adjunct  instructor  for 
Biomedical  Informatics  and  director  of 
information  systems  for  student  educa¬ 
tional  services.To  create  responsive  user 
interaction,  minimize  network  down¬ 
load  times  and  free  up  the  Palms  built-in 
memory,  the  documents  are  stored  in 
postage-stamp-sized  Secure  Digital  cards 
that  can  store  up  to  64M  bytes  of  data. 

Until  this  change,  the  PDAs  distributed 
to  1,600  medical  students,  residents, 
physicians  and  other  medical  staff  have 
been  mainly  reference  tools:  Using  a 


host  PC  or  an  infrared  port,  users  could 
download  a  limited  subset  of  data  via 
infrared  ports  at  the  OSU  Medical 
Centers  main  sites. The  data  included  a 
physician  desk  reference  for  medica¬ 
tions  and  recent  patient  census  data. 

Now  instructional  material  can  be 
adapted  from  PC  and  Web  formats, 
stored  in  Secure  Digital  cards  and  used 
by  students  anywhere.  An  additional  soft¬ 
ware  program  lets  students  fill  in  some 
forms  that  are  designed  to  evaluate  the 
instructional  graphical  user  interface 
and  the  interactions.  IT  staff  and  profes¬ 
sors  upload  and  review  these  forms. 

The  initial  PDA  project,  launched  in 
2001,  also  included  a  middleware  com¬ 
ponent,  based  on  AvantGo  software,  to 
let  users  synchronize  their  handhelds 
with  a  number  of  selected  databases. 


The  project  won  widespread  praise:  It 
earned  the  American  Hospital  Associa¬ 
tion’s  Innovator  Award,  the  2001  Eliz¬ 
abeth  Davies  Award  for  accomplish¬ 
ments  in  providing  electronic  medical 
records  and  an  honorable  mention  in 
Network  World's  2002  annual  User  Ex¬ 
cellence  awards  (www.nwfusion.com, 
DocFinder:  5642). 

In  2002,  to  make  the  PDA  more  valu¬ 
able,  McKenney’s  staff  decided  that  dis¬ 
tributing  new  content  to  the  handhelds 
could  pay  off.  They  focused  initially  on 
third-year  medical  students,  who  have  to 
work  their  way  through  a  heavy  load  of 
studying  modules,  in  such  areas  as  drug 
abuse  and  obstetrics,  while  serving 
“clerkships”  at  participating  hospitals 
around  the  state. 

Until  now,  the  only  way  they  could 


access  these  instructional 
modules  was  via  a  PC,  which 
meant  that  the  clerking  stu¬ 
dents  were  cut  off  from  a  vital 
source  of  information  for 
much  of  the  day 
There  were  some  formida¬ 
ble  challenges  to  adapting 
the  documents  and  their  im¬ 
ages  for  the  a  tiny  screen  of  a 
mobile  device. 

McKenney’s  team  created 
and  refined  a  standard 
graphical  template  that 
showed  how  the  docu¬ 
ments’  text  and  graphics 
would  be  arranged  and  dis¬ 
played.  The  display  format 
was  another  standard:  PDF  files,  made 
possible  by  installing  Adobe  Acrobat 
2.0  on  the  PDA.  Another  variable  in 
deciding  to  use  the  Secure  Digital  cards 
and  in  some  cases  upgrading  to  F’alm’s 
newest  model:  the  Tungsten,  with  more 
memory  better  screen  display  and  a 
more  powerful  processor  than  the  earli¬ 
er  models.  McKenney  says  one  Secure 
Digital  card  can  hold  almost  as  much  as 
a  CD-ROM. 

“The  images  were  tough,”  McKenney 
says.“At  first,  we  thought  if  we  condensed 
the  image,  we’d  compromise  its  perfor¬ 
mance  on  the  device.  But  in  fact,  on  the 
Tungsten,  we  found  the  image  was 
enriched  and  quickly  manipulated. 
Acrobat  2.0  lets  you  magnify  the  image 
and  zoom  in  and  out.” 

See  Ohio,  page  26 


Adtran  pumps  up  VPN  support  in  low-end  routers 


NETWPRLD+INTEROP 


■  BY  TIM  GREENE 

HUNTSV1I1E,  ALA.  —  Adtran 
this  week  is  continuing  its  attempt 
to  give  corporate  customers  low- 
priced  remote  network  gear 
while  trying  to  undercut  the 
prices  of  low-end  Cisco  routers. 

At  NetWorld+lnterop,  the  com¬ 
pany  plans  to  announce  VPN  sup¬ 
port  for  the  NetVanta  3200  and 
NetVanta  3305  routers, an  upgrade 
the  company  had  promised  by 
vear-end.The  devices  now  can  let 
users  create  either  site-to-site  or 
remote-access  IP  Security  VPNs 
over  the  Internet. 

Adtran  says  these  routers  are 


aimed  at  Cisco’s  1720,2611  and 
2621  routers,  all  of  which  can 
support  VPNs.  The  management 
interface  for  the  Adtran  gear 
mimics  Cisco’s  command-line 
interface  (CL1). 

The  company  has  set  up  a  Web 
site,  www.dare2compare.adtran. 
com,  where  potential  customers 
can  simulate  configuring  an 
Adtran  router  based  on  their 
knowledge  of  Cisco’s  CL1. 

The  price  of  the  Adtran  gear  is 
also  notable  vs.  Cisco’s.  The  Net¬ 


Vanta  3200  costs  $  1 ,490  with  VPN 
support,  while  the  Cisco  1720 
costs  more  than  $2,000  and  can 
cost  more,  depending  on  options. 

While  Adtran  says  its  gear  can 
cost  half  that  of  the  comparable 
Cisco  product,  the  trade-off  is  they 
don’t  have  all  the  features  of  a 
Cisco, says  Zeus  Kerravala.an  ana¬ 
lyst  with  The  Yankee  Group. 

The  Adtran  gear  has  no  quality- 
of-service  mechanism,  whereas 
this  is  a  Cisco  strong  point.  Adtran 
supports  only  IP  while  Cisco  sup¬ 


ports  IF?  IPX,  Apple  Talk  and  SNA. 
Until  the  VPN  upgrade,  Adtran 
supported  only  RIP  1  and  RIP  2, 
but  is  adding  Open  Shortest  Path 
First  routing  support.  Cisco  sup¬ 
ports  these  protocols  plus  some 
of  its  own. 

“I  don’t  see  a  lot  of  companies 
getting  rid  of  their  Cisco  gear  to 
buy  Adtran.  And  they  won’t  mix 
them.  They’re  not  going  buy  six 
Cisco  routers  and  four  Adtran,” 
Kerravala  says. 

The  price  is  what  drove  Spark 
Engineering  in  Richmond,  Va.,  to 
buy  a  NetVanta  3200.  “It  was  a 
good  deal  compared  to  Cisco,” 
said  Bill  Riley,  the  company’s 


managing  partner. 

Branch  office  routers  claim 
about  $2  billion  per  year  in  sales, 
according  to  IDC.with  Cisco  tak¬ 
ing  the  lead,  followed  Linksys, 
Efficient,  Vanguard  Managed 
Systems  and  Zyxel. 

NetVanta  3305  costs  $2,290  with 
VPN  support.  NetVanta  3200  and 
NetVanta  3305  will  be  available 
next  month. 

Adtran  also  is  introducing  a 
high-speed,  point-to-point  wireless 
device  that  can  connect  LANs  in 
places  where  it  is  difficult  or 
expensive  to  buy  wired  connec¬ 
tions.  The  Tracer  5045,  available 
next  month,  will  cost  $11, 100.  ■ 
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That's  why  we  offer  you  so  many  ways  to  make  buying  technology 


to  custom  configuration, 


simple.  From  personal  account 


you  can  count  on  us 
them,  when  you  neec 


name  products,  the  way 


mat  i 

HI 

VP  • 

vum  !?s  •  <■  >■ 

1  •mb 

'  li 

irks  of  Microsoft 
spoctive  twwiera. 


v-:v  m  tm  m 


m  m$m 


Larger  projects,  higher  goals,  greater  responsibility 


wj  Ywm  i 


'  ‘  ^7i>l 

a  f!  I  v  y 

i  i  W  /  '  ✓ 

Si  * 


••  •  - 

■  _r"v-  •- 

*r  : 

a*5  ■”  '-V: in 

k 


s  A 


Introducing  Microsoft  Windows  Server  2003.  Do  more  with  less. 

You’re  beingasked  to  do  more.  You're  being  asked  to  do  it  with  less.  Microsoft  Windows  Server  2003  is 
designed  to  help  you  manage  these  opposing  forces  and  deliver  powerful  software  solutions  with  less  time, 
money,  and  hassle.  For  more  information,  and  to  get  your  free  evaluation  copy  of  Windows  Server  2003 
by  July  31,  2003,  go  to  microsoft.com/windowsserver2003  Software  for  the  Agile  Business. 

The  London  Stock  Exchange,  with  the  help  of  Accenture,  selected  Windows  Server  2003  as  the  foundation  for 
their  real-time,  business-critical,  market  information  delivery  system.  Using  Visual  Studio  .NET  and  the  Microsoft 
.NET  Framework,  this  innovative  new  system  was  developed  in  less  than  eight  months  from  conception  to  production 
and  now  serves  100,000  terminals  worldwide  with  up  to  3.000  transactions  per  second. 
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The  Gigabit  killer  app  is  within  vendors'  reach 


Every  story  written  about  Gigabit 
Ethernet  to  the  desktop,  it  seems,  has 
an  obligatory  reference  to  the  “killer 
app."  Most  analysts  note  that,  well,  there 
isn’t  one.  Intel  says  you  don’t  need  one.  1 
disagree  with  both  assessments. 

Analysts  start  with  taking  on  the  cliche 
of  “real-time  video”  being  the  poster  child 
for  Gigabit  desktop  applications  by  not¬ 
ing,  accurately,  that  business-grade  video 
doesn’t  even  put  a  strain  on  Fast  Ethernet 
desktop  links.  (See  www.nwfusion.com, 
DocFinder:  5644.) 

For  its  part,  Intel  engages  in  a  clever  bit 
of  obfuscation. The  company  concurs  that 
there  is  no  app  that  can  use  anywhere 
near  the  full  bandwidth  of  Gigabit 
Ethernet  —  but  you  still  need  Gigabit 


Ethernet.  Why?  Because  in  today’s  multi¬ 
tasking  world, you’ll  likely  be  running  lots 
of  bandwidth-needy  applications  simulta¬ 
neously  Thus,  it  is  something  of  an  aggre¬ 
gate  killer  app  that  replaces  the  single 
killer  app  of  old.  (See  DocFinder:  5645.) 

There  is  a  killer  app  —  it  isn’t  sexy  and  it 
is  sitting  right  in  front  of  everyone’s  face: 
bulk  data  transfer.  If  there  is  one  universal 
truth  in  enterprise  computing  these  days, 
it’s  that  users  are  dealing  with  larger  and 
larger  chunks  of  data  all  the  time.  As  data¬ 
bases  have  become  more  sophisticated 
and  more  portable,  we  even  have  end 
users  synchronizing  nontrivial  data  stores 
between  client  and  server. 

Moving  500M  bytes  of  data  between 
client  and  server  is  common. 

With  Gigabit  Ethernet’s  theoretical  capa¬ 
city  of  more  than  100M  byte/sec  (in  just 
one  direction),  it  should  take  just  5  sec¬ 
onds  for  such  a  file  to  move  across  the 
network.  However, Windows  2000  users  on 
very  high-end  machines  will  find  that  it 
takes  more  than  90  seconds  to  move  this 
much  data  using  Windows  file  copy  utility 


Even  using  purpose-built  “data  mover” 
applications  such  as  Retrospect  from 
Dantz,  the  transfer  takes  some  40  seconds 
—  eight  times  longer  than  one  would 
expect.This  Gigabit  Ethernet  performance 
isn’t  even  twice  as  fast  as  when  run  across 
Fast  Ethernet.  Bumping  up  an  order  of 
magnitude  in  bandwidth,  you’d  expect  to 
see  a  more  dramatic  improvement  in 
throughput.  But  you  don’t. 

And  Sonic  Solutions’  Backup  MyPC 
product  fared  worse,  with  its  Gigabit 
results  barely  besting  the  Dantz  Fast  Ether¬ 
net  results.  (Note:  This  information  is  the 
result  of  independent  research  that  The 
Tolly  Group  conducted;  ITclarity  report 
number  503001.) 

Being  able  to  move  500M  bytes  in  5  sec¬ 
onds  rather  than  90  seconds  sounds  like  a 
killer  app  to  me.The  absence  of  this  killer 
app  isn’t  the  fault  of  Gigabit  Ethernet  —  it 
can  handle  the  load  —  it  is  the  fault  of 
application  vendors  who’ve  just  tuned  out 
the  whole  issue. 

A  big  stumbling  block  for  app  vendors  is 
that  they’ve  grown  accustomed  to  the  old- 


fashioned,  DOS-style,  single-tasking  way  of 
doing  things.  In  every  case,  the  programs 
we  studied  seem  to  do  their  work  one  file 
at  a  time.  Clearly,  a  parallel  approach  is 
needed  to  keep  that  Gigabit  pipeline  full. 

Equally  problematic  is  that  all  of  these 
applications  rely  on  using  the  Common 
Internet  File  System  file  access  model 
for  interacting  with  the  remote  file  sys¬ 
tem.  You  might  remember  this  better  as 
Server  Message  Block.  If  you  are  wonder¬ 
ing  if  this  could  possibly  be  related  to 
the  Server  Message  Block  protocol  first 
put  forth  by  IBM  in  the  mid-1980s,  the 
answer,  sorry  to  say,  is  yes.  It’s  basically 
the  same  thing. 

Maybe  Intel  or  Dell  should  pay  some 
app  vendor  to  write  this  killer  app.  Then 
they  could  really  wave  the  flag  about 
Gigabit  Ethernet.  Until  then,  it  remains  a 
story  of  unrealized  potential. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Manasquan,  N.J.  He  can  be 
reached  at  ktolly@tolly.com. 


Grid 
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need  to  redesign  their  networks  or  add  new 
services.  Mission-critical  grid  applications 
require  some  traffic  engineering  to  ensure 
prioritization.  Grid  applications  require 
higher  availability  and  redundancy  be 
cause  they’re  distributed  across  a  network. 

“If  you  manage  your  own  grid  environ¬ 
ment,  you  want  high  redundancy  in  your 
network,  which  can  be  fairly  expensive 
across  the  globe,”  says  Bernhard  Borges, 
senior  technologist  with  IBM  Business 
Consulting  Services.  “You  need  to  be  very 
cognizant  about  the  network.  Rather  than 
looking  at  it  as  a  transport  mechanism,  you 
have  to  look  at  it  as  part  of  the  operating 
environment. . .  .With  e-mail, you  can  apolo¬ 
gize  if  something  doesn’t  get  sent.  With  a 
grid  application,  you  can’t  afford  to  do 
that.” 

Network  features 

Borges  expects  more  features  to  be  built 
into  network  hardware  to  accommodate 
grid  applications.  He  says  that  routers  will 
need  additional  smarts  to  understand  the 
context  of  data  being  handled  and  how  it 
fits  into  the  grid. 

He  also  expects  network  administration 
and  management  software  to  require  addi¬ 
tional  features  for  grid  computing.  “Grids 
will  require  more  administration  than  your 
average  network,”  he  says. 

Grid  computing  also  is  likely  to  influ¬ 
ence  the  future  direction  of  the  Internet, 
experts  say. 

The  academic  organizations  involved  in 
the  nation’s  largest  grid  project  —  the  Na¬ 
tional  Science  Foundation’s  multiyear, 
multimillion  dollar  TeraGrid  project  — 
already  can  see  some  effect  on  the  back¬ 
bone  network,  which  operates  at  10G 
bit/sec. 


Defining  grid 

Grid  applications  typically  are 
classified  according  to  the 
networks  they  use: 

•  Intranet  grids  involve  a  company 
distributing  an  application  across 
its  own  private  IP  infrastructure. 

•  Extranet  grids  let  a  company  take 
advantage  of  the  networks 
belonging  to  its  business  partners. 

•  Internet  grids  run  across  the  public 
Internet. 


“Grid  computing  represents  the  most 
leading-edge  applications  that  we  have 
over  the  backbone,”  says  Steve  Corbato, 
director  of  backbone  network  infrastruc¬ 
ture  for  Internet2  and  a  collaborator  on  the 
TeraGrid.  For  grids, you  “clearly  need  band¬ 
width,  and  you  need  a  well-engineered 
local  network  environment.  One  of  the 
things  our  community  has  discovered  is 
that  most  performance  problems  happen 
at  the  edge,”  he  says. 

Corbato  says  TeraGrid  researchers  need 
at  least  gigabit-speed  LANs  to  take  advan¬ 
tage  of  the  high-performance  WAN  con¬ 
nections  available  on  the  project. 

High-performance  grids  also  require 
some  tweaks  to  Internet  protocols.  Corbato 
says  TeraGrid  researchers  need  larger  pac¬ 
ket  sizes  to  sustain  high  TCP  loads.  By  dou¬ 
bling  the  size  of  the  packets  that  the 
TeraGrid  network  can  handle,  researchers 
have  found  they  can  significantly  reduce 
the  packet  number  that  needs  to  be  sent, 
thereby  increasing  network  performance. 

“Large  [packet  sizes]  reduce  the  load  on 
the  network  interface  card  and  improve 
the  ability  to  drive  high-performance  loads 


across  the  backbone,”  Corbato  says. 

One  challenge  with  TeraGrid  is  schedul¬ 
ing  the  network  resource,  says  Wesley  Kap- 
low,  CEO  for  Qwest’s  Government  Services 
division.  Qwest  is  providing  four  10G  chan¬ 
nels  to  the  TeraGrid  project,  which  links 
government-funded  high-performance 
computer  centers  in  Illinois  and  California. 

“When  you  only  have  four  major  sites  to 
start  with,  scheduling  is  not  that  big  of  a 
deal,”  Kaplow  says.“But  as  you  increase  the 
site  number,  you  basically  get  back  to  the 
same  kind  of  best-effort  network  we  have 
on  the  Internet  today.  . . .  Part  of  the  issue 
with  the  TeraGrid  is  to  understand  the  com- 
puter-to-network  connectivity  issue  and  to 
do  resource  scheduling  and  assignment.” 

Kaplow  says  the  key  to  solving  the  net¬ 
work  scheduling  challenge  is  the  develop¬ 
ment  of  next-generation  middleware, 
which  is  being  tackled  under  a  separate 
NSF-funded  initiative. 

“The  middleware  must  understand  the 
network  topology  and  components,  includ¬ 
ing  optical  switches  and  routers,”  Kaplow 
says.The  challenge  is  to  go  from  the  Inter¬ 
net  model  of  today  with  thousands  of  small 
flows  that  aggregate  up  to  large  traffic  to 
systems  with  relatively  few  flows  that  [can 
take  full  advantage]  of  the  characteristics 
of  the  channels.” 

Experts  say  that  if  grid  computing 
achieves  its  promise,  it  could  have  a  pro¬ 
found  effect  on  the  way  that  public  and  pri¬ 
vate  networks  are  designed  and  operated. 
However,  these  changes  will  take  place 
over  the  next  decade. 

“I  don’t  think  people  realize  how  perva¬ 
sive  [grid  computing]  is  going  to  be  and 
how  big  a  shift  it  is  going  to  be  in  how  peo¬ 
ple  get  e-mail,  how  files  are  backed  up  and 
the  level  of  communications  on  each 
machine,”  Hennessey  says.“l  really  do  think 
it’s  going  to  be  the  biggest  shift  we  see  over 
the  next  eight  years  or  so."  ■ 
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The  images  can’t  be  used  for  de¬ 
tailed  diagnostic  work  on  patients, 
but  for  students  and  professors,  the 
images  are  detailed  enough  for  in¬ 
structional  use.  McKenney  discov¬ 
ered  that  working  with  the  most 
detailed,  high-quality  image  possible 
is  critical  for  a  high-quality  display 
on  the  Tungsten. 

He  also  discovered  the  simplest  and 
fastest  way  to  distribute  the  docu¬ 
ments  was  via  the  Secure  Digital  card, 
a  format  available  now  to  about  150 
medical  students.  But  other  PDA  users 
can  synchronize  their  PDAs  through 
their  PCs,  using  the  AvantGo  middle¬ 
ware,  to  download  the  same  docu¬ 
ments  from  a  Web  server.  Users  click  to 
select  the  modules  they  want  from  a 
simple,  clear  list  displayed  on  PDA. 

The  new  handheld  format  and  dis¬ 
tribution  project  has  proven  to  be  so 
successful  that  other  OSU  depart¬ 
ments,  such  as  engineering  and  agri¬ 
culture,  are  evaluating  its  use  for  their 
students. 

The  OSU  Medical  Center  is  not  yet 
using  the  PDAs  on  either  wireless 
LANs  or  wide-area  cellular  data 
networks. 

“We’re  testing  some  of  that,” 
McKenney  says.  Wireless  will  bring  a 
number  of  complex  challenges: 
more  drain  on  the  PDAs  battery,  a 
new  physical  infrastructure  and 
security  issues,  he  says.  ■ 
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■  Virtual  directory  vendor  Octet- 
String  has  released  Version  2.0  of 
its  Virtual  Directory  Engine 
Suite.  The  new  software  features 
Join  Adapter  for  consolidating  iden¬ 
tity  information  that  resides  in  exist¬ 
ing  directories  and  databases  to 
support  secure  authentication  and 
authorization  services.  Join  Adapter 
ships  with  three  sample  join  tem¬ 
plates:  a  simple  join,  a  one-to-one 
matching  of  identity  records;  a  one- 
to-many  join;  and  a  shadow  join  for 
virtually  adding  unique  application 
attributes  to  the  enterprise  direct¬ 
ory.  Information  in  identity  reposito¬ 
ries  can  be  joined  into  a  single  view 
and  made  available  to  applications 
via  the  Lightweight  Directory 
Access  Protocol,  Java  Database 
Connectivity  protocol  or  XML.  VDE 
is  a  Java  application  that  runs  on 
Windows,  Sun  Solaris,  IBM  AIX,  HP- 
UX  and  Linux.  Pricing  for  VDE  Suite 
is  $35,000  per  server. 

■  Several  months  after  announcing 
plans  for  a  .Net  integrated  develop¬ 
ment  environment  to  compete  with 
Microsoft’s  Visual  Studio  .Net,  Bor¬ 
land  last  week  said  it  would  offer  a 
complete  suite  of  .Net  application 
development  tools.  Borland  also  an¬ 
nounced  the  name  for  its  .Net  IDE, 
previously  code-named  Sidewinder. 
Now  known  as  Borland  C#Builder, 
it  is  on  track  for  a  midyear  release. 
Meanwhile,  Borland  plans  to  offer  by 
year-end  a  suite  of  its  .Net  tools, 
including  its  design,  development,  col¬ 
laboration  and  optimization  products. 
Pricing  details  on  C#Builder  will  be 
available  closer  to  the  product's 
launch,  Borland  said. 

■  Network  Associates'  McAfee 
Security  division  announced  spam- 
prevention  software  for  busi 
nesses  that  use  Exchange  Server 
with  500  mailboxes  or  fewer. 
SpamKiller  for  Exchange  for  Small 
Business,  which  costs  about  $20  per 
seat,  lets  administrators  decide  to 
weed  out  spam  at  the  server  or  pass 
it  along  into  a  "gray-area"  junk  folder 
for  review. 


Key  Web  services  protocol  gets  help 

Next  version  of  UDDI  will  feature  improved  security,  policy  controls, 


UDDI  Version  3 

The  Universal  Discovery,  Description  and  Integration  (UDDI)  protocol 
has  not  lived  up  to  its  billing  as  the  foundation  for  a  public  directory 
where  users  can  find  and  connect  to  Web  services,  mostly  because 
of  access  and  security  issues. 


Key  UDDI  Version  3  additions 

Improvements 

Policy 

Expanded  role  of  policy  allows  more  flexibility  for 
implementation. 

Digital  signature 

Ensures  content  can’t  be  changed;  fosters  trust  in 
registry. 

Multiregistry  support 

Allows  secure  mesh  of  public,  semiprivate  and  private 
registries. 

Subscription  API 

Users  can  track  content  changes  made  to  registries. 

■  BY  JOHN  FONTANA 

A  protocol  described  as  one  of  the  four 
pillars  of  Web  services  might  finally  be 
ready  to  live  up  to  its  grandiose  billing  and 
signal  the  start  of  the  next  phase  of  corpo¬ 
rate  adoption  for  the  emerging  technology 

The  Universal  Discovery,  Description 
and  Integration  (UDDI)  protocol  has  been 
the  ugly  stepchild  to  XML,  Simple  Object 
Access  Protocol  (SOAP)  and  Web 
Services  Description  Language  (WSDL), 
which  have  all  gained  favor  as  Web  ser¬ 
vices  have  been  tested  and  adopted  by 
leading-edge  corporations. 

Originally  billed  as  a  public  directory 
of  Web  services  to  find  and  connect  to 
Web  services  components  that  live  on 
a  network  or  the  Internet,  UDDI  has  failed 
to  meet  that  promise  mostly  because 
of  issues  related  to  securing  data 
and  access. 

A  public  UDDI  directory  called  UDDI 


■  BY  JASON  MESERVE 

SANTA  CLARA  —  First  Virtual  Communi¬ 
cations  last  week  released  Click  to  Meet 
Express  2.0,  a  software-based  conferencing 
product  that  combines  the  features  of  tra¬ 
ditional  videoconferencing  with  Web  con¬ 
ferencing  in  an  effort  to  help  users  more 
easily  share  multimedia  applications. 

Click  to  Meet  Express  operates  on  stan¬ 
dard  PC  hardware  running  most  versions 
of  Windows  and  works  with  FVC’s  Con¬ 
ference  Server  product,  a  software-based 
multipoint  control  unit  that  connects  mul¬ 
tiple  users  in  a  single  call  and  stores  shared 
documents  and  files  used  in  the  call.  No 
specialized  equipment  is  required,  as  a 
standard  PC  microphone  and  Webcam 
camera  can  be  used  to  provide  audio  and 
video.  Optionally,  Conference  Server  can 
integrate  with  a  third-party  phone  bridge  to 
connect  users  on  the  telephone. 

To  make  setting  up  meetings  and  inviting 
participants  easier,  FVC  has  integrated 
Click  to  Meet  Express  with  Microsoft’s 
Messenger  instant-messaging  client,  which 


Business  Registry  maintained  by  Micro¬ 
soft,  IBM,  SAP  and  NTT  Communications 
is  not  much  more  than  a  conceptual 
model. 


provides  a  directory  of  users  and  the  abil¬ 
ity  to  detect  whether  a  user  is  online. 
Meetings  can  include  audio  and  video, 
slides,  shared  files  or  a  combination  of 
media.Video  or  Internet-based  audio  is  not 
required  to  use  the  product,  as  it  can  be 
used  in  a  slide-show-only  mode,  similar  to 
online  tools  WebEx  and  PlaceWare  offer. 

“It’s  got  a  flexible  screen  setup,”  says  An¬ 
drew  Davis,  an  analyst  at  Wainhouse 
Research.  “You  can  have  data-intensive  or 
video-intensive  meetings  and  can  switch 
between  the  two  on  the  fly. ...  No  one  has 
really  done  that  before.” 

The  user  interface  inversion  2.0  has  been 
rewritten  with  a  combination  of  Dynamic 
HTML  and  XML,  making  it  more  customiz¬ 
able,  says  Gary  Dietz,  senior  product  man¬ 
ager  at  FVC.  Slides,  video  and  a  text-chat 
window  can  be  arranged  in  a  number  of 
ways  by  users  or  as  a  set  layout  dictated  by 
a  moderator  for  all  attendees. 

Also  new  in  Version  2.0  is  the  ability  to 
call  out  to  telephone  users  and  any  H.323- 
or  Session  Initiation  Protocol-compliant 

See  FVC,  page  32 


However, with  the  expected  release  in  the 
fall  of  Version  3  of  the  UDDI  specification, 
which  was  turned  over  to  the  Organization 
for  the  Advancement  of  Structured  In¬ 
formation  Standards  (OASIS)  last  fall,  the 
protocol  is  getting  the  security  and  policy 
controls  that  might  lift  its  acceptance 
among  Web  services  adopters.  Version  3  is 
seen  as  the  key  for  creating  private,  semi¬ 
private  and  public  UDDI  registries  that 
could  be  integrated  at  various  levels. 

Version  3  also  positions  UDDI  to  be¬ 
come  the  linchpin  for  the  next  wave  of 
Web  services,  which  ties  together  multiple 
Web  services  into  composite  applications. 

“Version  3  is  a  major  advance  toward 
being  able  to  trust  the  data  in  the  registry 
and  know  that  it  is  valid,”  says  Tom 
Bellwood,  co-chair  of  the  OASIS  UDDI 
technical  committee. 

UDDI’s  role  will  be  as  a  registry  of  Web 
services  that  live  on  the  network.  As  multi¬ 
ple  Web  services  are  connected  to  form 
composite  applications,  such  as  an  order¬ 
ing  system  consisting  of  multiple  Web  ser¬ 
vices,  UDDI  would  be  the  hub  that  holds 
together  that  association  of  Web  services. 

The  concept  is  similar  to  the  Domain 
Name  Service  on  the  Internet  where  Web 
site  addresses  such  as  www.nwfusion.com 
remain  fixed  entries  in  the  DNS  registry 
while  the  location  or  IP  address  of  the  site 
can  be  changed. 

The  UDDI  registry  is  a  locator  service 
that  allows  Web  services  to  be  linked  on 
the  fly  and  change  locations  on  the  net¬ 
work  without  breaking  the  composite 
application. The  registry  provides  flexibili- 

See  UDDI,  page  32 
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Site:  Lessons  from  Leading  Users 

Staples  switches  Web  search  tools 


Catalog  control 


Staples  rolled  out  self-service  search  software  from  iPhrase  to 
speed  better  results  to  customer  Web  queries. 


Staples 

corporate 

headquarters 


Customer 

O  User  enters  search  query  on  Staples.com  site.  Web 
servers  receive  the  query  and  make  an  XML  call  to 
iPhrase  servers. 

©  Software  receives  the  XML  request  and  formats  it  for  the 
iPhrase  engine,  which  taps  a  local  content  index  to  produce 
search  results.  The  software  converts  the  results  to  XML 
and  sends  them  to  the  Web  servers. 

©  The  iPhrase  software  scans  Staples’  product  catalog  system 
every  night  to  build  an  index,  which  each  iPhrase  server  copies 
and  runs  locally  to  speed  performance  and  provide  redundancy. 


Web 


iPhrase 

servers 


Product  catalog 
database 


■  BY  ANN  BEDNARZ 

After  a  flurry  of  comments  from 
customers  saying  it  was  hard  to 
find  products  on  Staples’  Web 
site,  the  office  supplies  retailer  decid¬ 
ed  its  homegrown  search  engine 
needed  to  go.  In  its  place  Staples 
implemented  self-service  search  and 
navigation  software  from  iPhrase 
Technologies. 

The  company’s  original  search  tech¬ 
nology  wasn’t  delivering  the  results 
that  customers  wanted,  says  Tom 
House,  senior  project  manager  at 
Staples  in  Framingham, Mass.“Our  cus¬ 
tomers  did  not  find  our  existing 
search  engine  and  our  search  inter¬ 
face  easy  to  use,”  House  says.  “They 
didn’t  feel  that  the  results  they  were 
getting  back  were  relevant  to  the  search 
terms  they  entered.” 

As  a  result,  people  were  abandoning 
Staples’  consumer  and  small-business 
Web  site  when  their  searches  yielded 
poor  results,  instead  of  sticking  around 
to  buy  items.  According  to  Web  logs,  the 
“search  results”  page  was  where  Staples 
lost  the  most  visitors  to  its  Staples.com 
site,  House  says. 

Poor  site  search  is  a  common  problem, 
according  to  Jupiter  Research.  The  firm 
estimates  that  Webwide  search  tools, 
such  as  Google,  outperform  local  Web 
site  search  tools  52%  of  the  time.  Among 
1,482  users  Jupiter  surveyed,  45%  re¬ 
ported  that  with  most  companies’  key¬ 


word-based  search  features,  it’s  too  time- 
consuming  to  page  through  results;  39% 
said  misspellings  are  poorly  handled; 
and  38%  said  search  results  typically  are 
not  relevant. 

To  combat  these  issues,  iPhrase  — 
along  with  competitors  such  as  Applied 
Semantics,  Ask  Jeeves  and  Primus  Know¬ 
ledge  Solutions  —  uses  natural-language¬ 
processing  technology  that  interprets  the 
meaning  of  a  customers  request, phrased 
in  everyday  language,  and  retrieves  the 
most  pertinent  information. IPhrase s  One 
Step  software  automatically  adjusts  to 
handle  misspellings,  synonyms  and 
abbreviations,  the  vendor  says. 

One  Step  also  can  weed  through  struc¬ 


tured  and  unstructured  data.  Initially, 
Staples  is  most  interested  in  the  soft¬ 
ware’s  structured  data-search  capabili¬ 
ties,  because  the  Web  site’s  primary  con¬ 
tent  source  is  Staples’  40, 000-item  prod¬ 
uct  catalog,  House  says. 

Eventually  the  retailer  plans  to  expand 
its  search  features  to  include  unstruc¬ 
tured  data,  such  as  its  online  help 
resources,  House  says.  The  retailer  also 
might  roll  out  the  iPhrase  software  to  its 
other  Web  properties,  such  as  the  Web 
site  of  its  Quill  Corp.,  subsidiary 

Staples  started  evaluating  search  ven¬ 
dors  last  year  after  feedback  from  e-com- 
merce  research  site  BizRate.com  indi¬ 
cated  customers  were  unhappy  with  its 


Web  site  search  capabilities.  Roughly 
30%  of  the  comments  Staples  received 
from  BizRate  were  about  its  search 
engine  —  which  hadn’t  been  updated 
since  Staples  built  it  five  years  ago, 
House  says. “It  was  in  real  dire  need  of 
an  update,  as  our  customers  told  us 
pretty  loud  and  clear/  he  says. 

After  evaluating  a  dozen  vendors  and 
short-listing  three  for  on-site  pilots, 
Staples  chose  iPhrase.  Staples  went  live 
with  the  vendor’s  One  Step  software  in 
February.  It’s  too  early  to  tell  if  the  new 
software  will  increase  Staples’  online 
sales,  House  says.  But  the  revamped 
search  features  have  yielded  positive 
reviews  from  users,  and  Staples’  cus¬ 
tomer  service  representatives  are  log¬ 
ging  fewer  phone  calls  from  people 
having  Web  site  search  problems, 
he  says. 

Staples’  sales  and  marketing  associates 
also  are  benefiting  from  the  new  soft¬ 
ware,  which  allows  them  to  track  visitors’ 
search  patterns  and  modify  search 
engine  parameters  as  needed.  House 
says.  “If  we  see  customers  enter  a  search 
term  that  the  iPhrase  engine  by  default  is 
not  catching  as  a  misspelling,  we  allow 
our  internal  associates  to  configure  the 
search  engine  to  capture  that  misspelling 
and  correct  it  on  the  fly/’  he  says. 

With  the  old  software,  Staples  associ¬ 
ates  could  see  problems  customers 
were  having  with  the  search  engine,  but 
weren’t  able  to  tweak  the  search  engine 
to  correct  the  problems.  ■ 


BMC  looks  to  ease  mainframe  management 


■  BY  DENISE  DLIBIE 

HOUSTON  —  BMC  Software  last  week 
introduced  a  software  suite  the  company 
says  will  kill  two  management  birds  with 
one  stone:  The  company’s  new  Java-based 
System  Advisor  portfolio  will  help  cus¬ 
tomers  that  are  short  on  staff  manage  Big 
Iron  operating  systems. 

BMC’s  System  Advisor  suite  will  be  an 
integrated  set  of  about  20  products  for 
configuring  and  managing  IBM’s  main¬ 
frame  z/OS  and  OS/390  operating  sys- 
tems.The  company  says  the  product  suite 
will  lessen  the  learning  curve  for  network 
staff  unfamiliar  with  managing  legacy  sys¬ 
tems  by  providing  a  Web-based, Windows¬ 
like  user  interface  alternative  to  the  typi¬ 
cal  green  screen  used  to  manage  main¬ 
frame  components. 

The  software  also  can  feed  mainframe 
management  data  into  distributed  systems 


management  tools  such  as  Computer 
Associates’  Unicenter  and  IBM’s  Tivoli 
Enterprise  Console.  This  will  help  network 
managers  more  easily  correlate  how  main¬ 
frame  systems  might  affect  performance  of 
applications  running  on  the  boxes,  the 
company  says. 

The  central  software  in  the  suite,  System 
Explorer,  provides  a  Java-based  graphical 
user  interface  that  interacts  with  zSeries 
mainframes  to  perform  common  manage¬ 
ment  tasks  such  as  viewing  partitioned 
data  sets  and  systems  resources  in  one 
interface  (see  graphic  at  www.nwfusion. 
com,  DocFinder:  5643).  BMC  says  the  soft¬ 
ware  simplifies  the  most  commonly  used 
functions  for  managing  z/OS,  including  file 
management  and  job  management  with  a 
point-and-click  Web  interface. 

“The  software  masks  the  complexity  of 
the  mainframe  environment  with  a  sim¬ 
ple  distributed  interface,”  says  Calvin 


Guidry,  vice  president  and  general  man¬ 
ager  of  enterprise  systems  management 
at  BMC.“The  software  is  written  to  include 
knowledge  of  how  to  manage  z/OS  so 
network  managers  can  get  [it]  up  and 
running  quickl/ 

Mainframe  components  are  typically 
managed  through  3270  screens,  which 
involve  writing  commands  using  tools 
such  as  Interactive  System  Productivity 
Facility  (ISPF)  and  System  Display  and 
Search  Facility  (SDSF)  from  IBM.  ISPF  is  a 
software  library-management  tool  for  ver¬ 
sioning  and  auditing  source  code.  It 
includes  configuration  management  to 
track  all  application  components,  and  sup¬ 
ports  management  of  data  sets  and  simpli¬ 
fied  data  management  services.  SDSF  pro¬ 
vides  a  secure  way  to  monitor,  manage  and 
control  z/OS  Sysplex  environments. 

“I  see  the  main  benefit  of  [System 
Explorer]  as  providing  a  point-and-click 


interface  to  mainframe  functions,  which 
allows  people  new  to  the  mainframe  to  be 
more  productive. They  don’t  have  to  learn 
ISPp  says  Larry  Riggen,  principal  technol¬ 
ogy  consultant  at  energy  provider  Cinergy 
in  Cincinnati. 

BMC  says  part  of  its  motivation  to 
design  System  Explorer  to  look  more  like 
a  distributed  management  console  than 
traditional  mainframe  management  in¬ 
terfaces  is  the  diminishing  pool  of  IT  pro¬ 
fessionals  with  mainframe  skills  (see 
DocFinder:  5647) 

BMC  says  future  products  in  the  System 
Advisor  family  will  address  areas  such  as 
Sysplex  operation,  workload  manage¬ 
ment,  system  parameters,  system  logging, 
restart  management,  data  integrity  and 
mainframe  storage. 

System  Explorer  for  z/OS  is  priced  start¬ 
ing  at  $11,700  and  varies  depending  on 
configuration.  ■ 
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See  DB2  software  connect  data,  near  and  far. 
See  DB2  software  connect  formats,  old  and  new. 
See  DB2  software  create  insight,  again  and  again 
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DB2.  It’s  the  ultimate  portfolio  ojjreal-time  information  management  software.  You  can  now  leverage  , 
every  scrap  of  data,  no  matter  where  it  is,  or  what  it  is.  You  see  it  all,  as  if  it  resided  in  a  single  place. 

Insightful  and  open,  DB2  lets  you  use  and  build  on  what  you  already  have,  whether  it’s  IBM,  Oracle 

1 1  .  ■■  ^ 

or  Microsoft®—  goodbye  “rip  and  replace.’’  For  a  DB2  Software  Information  Kit,  visit  ibm.com/db2/seeit 
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It  sure  seems  like  a  good  idea.  The 
biggest  computer  retail  chain  or  small¬ 
est  mom  and  pop  store  could  sell  a 
range  of  software  while  dedicating  only  a 
few  square  feet  of  floor  space  to  the  effort. 
But  it’s  taking  a  long  time  to  get  going  — 
maybe,  just  maybe,  things  will  happen  this 
summer. 

About  three  years  ago,  Protocol  Tech¬ 
nologies  announced  Software  ToGo,  a 
burn-to-order  software  distribution  sys¬ 
tem.  A  customer  would  select  the  software 
they  desired  by  using  a  small,  LCD-based 
stand-alone  kiosk  and  get  a  bar-coded 
order  ticket  in  return.  The  customer  then 
would  take  the  ticket  to  a  cashier  and  pay 


Until  the  'Net  is  fast  enough? 


for  the  software. 

The  ticket  would  be  used  to  tell  an  order- 
fulfillment  station  what  the  customer  had 
bought.  The  order-fulfillment  station 
would  use  a  secure  Internet  connection 
to  get  a  key  to  unlock  a  copy  of  the 
desired  software  on  a  disk  drive  in  the  sta¬ 
tion  and  burn  the  software  onto  a  CD  on 
the  spot. The  station  also  would  print  full- 
color  inserts  for  the  CD  case  and  a  set  of 
quick-start  instructions,  complete  with  a 
unique  serial  number  and  “certificate  of 
authenticity’ 

The  clerk  would  assemble  the  package 
and  hand  it  to  the  customer.  The  burning 
and  assembly  process  should  take  less 
than  5  minutes.  Protocol  Technologies  has 
at  least  one  U.S. patent  (5,784,460)  related 
to  the  system. 

The  press  releases  on  the  Protocol 
Technologies  Web  site  show  that  some 
high-profile  companies  were  going  to  test 
the  system,  including  Office  Depot  and 
Radio  Shack.  But  the  site  does  not  have 


any  information  on  how  those  trials  went. 
The  most  recent  development  seems  to 
be  that  CompUSA  will  deploy  the  system 
in  its  stores  this  summer,  according  to 
Apple  Computers  (www.nwfusion.com, 
DocFinder:  5633). 

If  the  system  works  as  advertised, 
CompUSA  could  “stock”  a  far  wider  range 
of  software,  including  old  or  eclectic  titles, 
than  it  otherwise  could.  But  the  systems 
success  will  heavily  depend  on  getting  a 
wide  range  of  software  publishers  to  sign 
up.  Protocol  Technologies’  Web  site  says 
that  “Software  ToGo  carries  products  from 
close  to  90%  of  the  top-selling  software 
publishers”  without  saying  how  many 
titles  are  carried  from  each  publisher  or 
who  the  publishers  are. 

Software  is  not  the  only  material  that  is 
suitable  for  a  burn-on-demand  system.  A 
few  baby  steps  are  under  way  for  burn-on- 
demand  custom-mix  music  CDs.  Sony 
Music  seems  to  be  experimenting  with 
the  idea,  but  as  a  burn-and-ship  service 


www.nwfusion.com 


rather  than  an  in-store  system.  Sony  has 
set  up  a  Web  site  where  you  can  build 
your  own  Bob  Dylan  CD,  but  with  a  quite 
limited  repertoire,  only  one  or  two  songs 
from  35  of  Dylan’s  46  albums.  Sony  then 
will  ship  the  CD  to  you. 

I  hope  that  both  of  these  ideas  are  suc¬ 
cessful  and  temporary.  The  first  applica¬ 
tion,  software  delivery,  can  already  be 
done  quite  well  over  broadband  Internet 
and  should  be  done  that  way  far  more 
often  in  the  future.  The  second  applica¬ 
tion,  music  delivery,  is  waiting  for  music 
publishers  to  understand  that  there  is  an 
Internet  they  can  use,  not  just  fight. 

Disclaimer:  Harvard  uses  physical  self¬ 
delivery  of  its  main  product,  educated  stu¬ 
dents,  and  has  not  expressed  an  opinion 
about  using  the  Internet  instead. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Sys¬ 
tems.  He  can  be  reached  at  sob@ 
sobco.com. 


II  UDDI  is  the  glue  that  ties  together  the 
whole  Web  services  idea  of  loosely  coupled 
applications.  9  9 

Ted  Haeger 

Director  of  product  management,  Novell 


UDDI 

continued  from  page  29 

ty  so  application  components 
can  be  “loosely  coupled”  and 
readily  reused  instead  of  hard¬ 
wired  together  and  rigid.  UDDI 
also  can  find  downed  Web  ser¬ 
vices  components  and  point  to 
where  a  composite  application  is 
broken. 

“People  are  still  trying  to  learn 
how  to  use  Web  services  cor¬ 
rectly’  says  Ron  Schmelzer,  an 
analyst  with  research  firm  Zap- 
Think.  “Replacing  proprietary 
interfaces  with  standard  Web  ser¬ 
vices  interfaces  in  point-to-point 
connections  is  not  that  interest¬ 
ing.  You  have  to  change  your 
environment  to  a  service-ori¬ 
ented  architecture,  and  to  do 
that  you  need  UDDI  as  a  discov¬ 
ery  component.  Version  3  is  the 
first  workable  version  to  support 
that  role.” 

In  a  service-oriented  architec¬ 
ture  (SOA)  application  compo¬ 
nents  live  as  services  on  the  net¬ 
work  and  can  be  assembled  in 


FVC 

continued  from  page  29 

endpoint  registered  with  the 
Conference  Server.  This  allows 
traditional  group  video  systems 
from  Polycom,  Tandberg  and 
others  to  be  connected  to  the 
same  conference.  T.  120  support 
also  is  included  for  sharing 
applications  such  as  Microsoft 
Word  or  Excel. 

Where  serv  ices  such  as  WebEx 
target  one-to-many  meetings, 
Dietz  says  FVC  is  targeting  the 


infinite  combinations.  SOA  was 
first  introduced  with  Distributed 
Component  Object  Model  and 
the  Common  Object  Request 
Broker  Architecture. 

The  importance  of  SOA  com¬ 
ponents  is  on  the  rise  as  Web 
services  adopters  evolve  from 
simple  point-to-point  integra¬ 
tion  of  legacy  applications 
using  Web  services  interfaces  to 
more  sophisticated  integration 
of  multiple  native  Web  services 
applications. 

“When  we  started  to  build 
more-complex  Web  services  ap¬ 
plications  we  quickly  found  we 
needed  things  such  as  monitor¬ 
ing,  caching,  orchestration  and  a 
registry,”  says  Carroll  Pleasant, 
associate  technologies  analyst 
for  Eastman  Chemical. 

The  Kingsport, Tenn.,  company 
has  built  an  application  called 
Management  Scorecard  that 
pulls  together  23  Web  services 
that  provide  such  information 
such  as  financial,  manufactur¬ 
ing  and  regulatory  data  into  a 
single  application  for  execu- 


small  and  midsize  groups  that 
need  to  have  “a  highly  interac¬ 
tive  conference.” 

One  caveat  with  running  a  soft¬ 
ware-only  video  system  is  that 
the  quality  of  video  and  number 
of  participants  being  displayed 
on  screen  at  the  same  time  are 
dictated  by  the  PC’s  processing 
capabilities.  Davis  warns  that 
while  video  running  controlled 
IP  environments  such  as  a  LAN 
or  WAN  might  be  of  good  quality, 
those  connecting  over  the  Inter¬ 
net  could  have  mixed  results. 


tives.  Scorecard’s  components 
are  held  together  using  a  UDDI 
registry. 

“We’ve  built  a  pretty  good 
understanding  of  how  to  devel¬ 
op  around  Web  services  and 
we’ve  appointed  an  architec¬ 
ture  team  to  find  out  how  to 
build  an  SOA  at  Eastman,” 
Pleasant  says.  “We  know  that  a 
registry  is  key  in  that  it  knows 
where  everything  is  and  it  gives 
you  location  transparency” 

Eastman  can  query  the  registry 
for  access  to  a  Web  service 
instead  of  trying  to  hard-code 
connections  between  23  Web 
services.  Pleasant  is  evaluating 
UDDI  Version  3  to  make  that  task 


FVC  competes  with  the  WebEx 
and  PlaceWare  in  the  Web  con¬ 
ferencing  realm.  In  the  video- 
conferencing  arena,  it  com¬ 
petes  with  hardware-based 
desktop  cameras  from  Pblycom 
(the  ViaVideo)  and  VCON  (the 
ViGO). 

Click  to  Meet  Express  2.0  costs 
$7,400  for  a  four-concurrent 
user  license,  including  the 
Conference  Server.  The 
Conference  Server  runs  on 
Windows  2000  and  2003,  Solaris 
and  Red  Hat  Linux  ■ 


easier  and  more  secure. 

Security  and  privacy  issues 
have  dogged  UDDI  since  its 
inception,  relegating  its  use  to 
behind  corporate  firewalls. 

Companies  such  as  Fujitsu, 
IBM,  Microsoft  and  Novell  offer 
UDDI  registries,  and  other  UDDI 
implementations  will  likely 
show  up  in  products  such  as 
application  servers  or  integra¬ 
tion  brokers. 

Version  3  has  created  a  new 
security  model  based  on  a  set  of 
user-configured  policies.  The 
specification  also  supports  the 
XML  Digital  Signatures  standard, 
which  ensures  the  source  and 
integrity  of  data. 

The  forthcoming  version  will 
include  dozens  of  policies  for 
operations  such  as  access  con¬ 
trol,  replication,  subscription,  del¬ 
egation,  data  transfer  rights  and 
UDDI  keys,  which  are  unique 
identifiers  attached  to  each  entry. 

“Policy  is  tied  into  security  in 
that  all  security  in  [Version  3]  is 
expressed  as  policies,” says  UDDI 
committee  co-chair  Bellwood. 
“The  incorporation  of  signed 
data  will  help  registries  evolve, 
especially  public  registries." 

Version  3  also  will  support  a 
multiregistry  environment  where 
private  corporate  directories  can 


share  select  data  with  semipri¬ 
vate  directories,  such  as  that  of 
any  industry  hub,  and  with  pub¬ 
lic  registries  that  can  be  used  as 
root  authorities  to  control  the 
assignment  of  UDDI  keys. 

The  new  specification  also 
will  have  new  search  parame¬ 
ters,  such  as  search  for  exact 
matches.  A  new  subscription 
API  lets  users  be  notified  of  any 
changes  to  a  specific  registry 
entry  and  copy  that  change 
between  registries. Version  3 
also  will  introduce  a  new  infor¬ 
mation  model. 

Bellwood  says  UDDI  Version  3 
is  what  the  core  group  of  Web 
services  specifications  has 
been  waiting  for  to  be  com¬ 
plete.  He  credits  other  Web  ser¬ 
vices  specifications,  such  as 
WS-Security  and  the  Security 
Assertion  Markup  Language,  as 
keys  to  its  development.  He  says 
more  specifications  such  as 
reliable  messaging  will  make 
UDDI  a  more  secure  and  reli¬ 
able  protocol  for  all  UDDI  reg¬ 
istry  deployments. 

“UDDI  is  the  glue  that  ties 
together  the  whole  Web  ser¬ 
vices  idea  of  loosely  coupled 
applications,”  says  Ted  Haeger, 
director  of  product  manage¬ 
ment  for  Novell’s  eDirectory 
and  Nsure  UDDI  server.  “If  you 
can’t  locate  a  Web  service,  you 
can’t  use  it.’’B 
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Users  take  open  source  databases  for  a  spin 


■  BY  JOHN  COX 

No  one  so  far  has  ripped  out  a  clustered  Oracle  9i 
database  on  multiprocessor  Sun  servers  and  re¬ 
placed  it  with  a  free,  open  source  database  down¬ 
loaded  from  the  Web,  running  on  a  bunch  of  Intel-based 
Linux  servers. 

But  a  growing  number  of  network  executives  are  pio¬ 
neering  these  freely  available  data  managers.They’re  find¬ 
ing  that  open  source  databases  are  reaching  a  state 
where  they  can  become  the  latest  addition  to  their  inven¬ 
tory  of  open  source  tools,  including  the  Linux  operating 
system,  the  Apache  Web  server  and  the  Tomcat  Java 
servlet  engine. 

Users  say  the  attractions  include: 

•  Very  fast  performance,  especially  in  read-only 
applications. 

•  No  or  nominal,  licensing  costs. 

•  Low  administrative  and  operational  costs. 

Burlington  Coat  Factory  Warehouse  is  a  Linux  user  look¬ 
ing  at  the  open  source  database  technology  The 
Burlington,  N.J., company  deployed  Linux  servers  in  its 
retail  stores  nationwide  a  few  years  ago. 

“Were  not  sure  about  embracing  open  source  databas¬ 
es  yet,”  says  Brad  Friedman,  the  company’s  vice  president 
of  information  servers.“But  we  will  probably  do  so  in  our 
retail  locations.  As  to  the  back-end  servers,  we’re  still 
ingrained  with  Oracle,  which  has  a  fair  amount  of  support 
for  Linux.” 

Friedman’s  comment  shows  a  typical  pattern  in  compa¬ 
nies  that  are  weighing,  or  experimenting  with  open 
source  databases.  High-volume  database  updates,  which 
are  the  essence  of  transaction-processing  applications, 
remain  anchored  on  products  such  as  Oracle’s  9i  and 
IBM’s  DB2  Universal  Database,  and  increasingly  Micro¬ 
soft’s  SQL  Server.  But  there  are  a  host  of  new  application 
areas  that  don’t  require  the  complex,  and  expensive,  fea¬ 
tures  found  in  these  massive  products. 

“Some  of  our  groups  that  use  Oracle  never  were  wed¬ 
ded  to  Oracle’s  high-priced  features,” says  Jeremy 
Zawodny,  technical  Yahoo,  for  Yahoo,  Inc.,  in  Sunnyvale, 
Calif.'If  you  don’t  need  these  features, you  probably  don’t 
have  to  pay  the  price  for  them  [with  an  open  source 
alternative] .” 

At  Yahoo,  the  MySQL  open  source  database,  from 
MySQL  AB  of  Sweden,  has  “spread  from  being  used  by  a 
few  groups  to  the  core  infrastructure”  of  the  Internet  por¬ 
tal,  Zawodny  says.  MySQL  handles  vast  amounts  of  data 
from  hundreds  of  daily  news  feeds, such  as  Associated 
Press  and  Reuters, stock  market  tickers  and  so  on. The 
data  is  stored,  marked  up  and  posted  in  Web  pages  in 
response  to  mouse  clicks  by  Yahoo  visitors. 

“MySQL  is  a  core  piece  of  that  content-generation  sys¬ 
tem,"  Zawodny  says.  “This  alone  accounts  for  a  great  deal 
of  the  content  we  publish  on  a  daily  basis.” 

Open  source  makeup 

Open  source  databases  typically  are  available  for  free  or 
a  nominal  charge.and  include  complete  source  code. 
Finally,  in  accordance  with  the  terms  of  the  GNU  General 
Public  License  (GPL),  the  users  typically  have  the  free¬ 
dom  to  change  any  part  of  the  source  code,  and  use  it 
without  charge,  as  long  as  they  publish  the  change.  Once 
published,  the  change  can  be  used  by  anyone. 


An  alternative  arrangement  is  the  Berkeley  Software 
Development  (BSD)  license,  used  by  PostgreSQL,  which 
gives  source  code  developers  a  proprietary  head  start  of 
24  months  for  their  innovations,  after  which  they  become 
part  of  the  public  code  base. 

There  is  an  array  of  open  source  databases.Firebird, 
based  on  Borland’s  venerable  InterBase  database  (www. 
nwfusion.com,  DocFinder:  5631),  is  one  of  the  few  that 
have  the  support  and  blessing  of  vendors  or  well-orga¬ 
nized  communities  of  coders. 

MySQL  also  is  proving  popular  in  the  open  source  com- 
munity’The  open  source  world  likes  MySQL,”  Yahoo’s  Za¬ 
wodny  says.“Every  time  a  new  [programming]  language 
comes  out,  usually  the  first  thing  developers  do  is  add 
database  connectivity  to  MySQL. There  are  bindings  and 
drivers  for  all  kinds  of  languages. You  don’t  usually  see  this 
[response]  with  a  closed  commercial  product.” 


FbstgreSQL  is  the  most  mature  of  the  open  databases, 
and  PostgreSQL.org  maintains  an  extensive  and  well-orga¬ 
nized  Web  presence  for  its  developer  community 
PostgreSQL,  Inc.  is  a  Canadian  company  that  offers  appli¬ 
cations  along  with  support  services.  Red  Hat  bases  its 
product  offering  on  PostgreSQL. 

A  storehouse  of  innovation? 

The  open  databases  are  often  storehouses  of  innova¬ 
tion.  MySQL  for  example  has  won  praise  for  an  architec¬ 
ture  that  has  a  core  relational  manager  which  can  be 
used  by  different  kinds  of  plug-in  “data  handlers.”  Open 
source  developers  can  write  their  own  data  handles  for 
geographic  data,  for  example.  Oracle  and  DB2  also  sup¬ 
port  such  objects  instead  of  just  data  in  rows  and  tables. 
Red  Hat’s  most  recent  version  of  its  Red  Hat  Database  has 
a  highly  automated  installer.  Again,  the  proprietary  ven¬ 
dors  also  are  automating  their  products. 

But  the  open  databases  tend  to  be  far  simpler  than  their 
upscale  rivals  in  all  these  areas.That’s  a  major  reason  for 
their  fast  read  performance,  advocates  say  And  it  also 
accounts  for  the  low  operational  overhead. 

“When  you  have  a  much  less  complex  product,  there 
are  fewer  things  to  watch,  and  fewer  things  to  go  wrong,” 
Zawodny  says.“You  don’t  need  a  full-time  [database 
administrator]  looking  after  it.  And  that  makes  [the  open 
database]  cheaper,  too.” 

To  some,  that  same  simplicity  can  make  the  open  prod¬ 
ucts  seem  “brain-dead”  compared  with  Oracle  and  DB2’s 


features.  Stored  procedures  and  triggers,  which  have  been 
relational  programming  standards  for  more  than  a 
decade  in  commercial  products,  are  missing  from  some 
open  products,  such  as  MySQL,  but  not  from  FbstgreSQL. 
Both  features  will  be  added  to  MySQL  this  year,  according 
to  the  company. 

A  common  criticism  is  that  open  databases  don’t  sup¬ 
port  transactions  or  don’t  do  so  as  well  as  the  commer¬ 
cial  products. 

“MySQL  has  a  fast  database  for  content  store,  but  it  is 
still  immature  in  terms  of  transaction  processing  on  the 
back  end,”  says  Charles  Garry  an  analyst  for  Gartner, 
assessing  open  databases  for  a  Gartner  teleconference  on 
server  infrastructure. 

Advocates  say  transaction  support  in  open  databases  is 
improving. 


Grown-up  software 

Immaturity  in  some  areas  of  an  open  database  might 
not  be  a  problem  if  the  software  has  what  you  need  in 
other  areas,  or  has  a  credible  track  record  of  delivering 
new  features  on  a  regular  basis. 

The  open  source  model  is  not  monolithic:There  are 
variations  on  a  theme.  FbstgreSQL.org  is  emblematic  of 
the  free  source  code  model,  in  which  the  database  code 
is  not  owned  by  anyone,  and  the  community  organizes 
development  and  enhancements.  But  the  BSD  license 
gives  companies  such  as  FbstgreSQL,  Inc.,  a  24-month 
claim  on  whatever  innovations  they  might  create. 

By  contrast,  MySQL  was  developed  in  the  mid-1990s  as 
a  Web  database  by  three  Scandinavian  programmers.The 
company  freely  offers  the  source  code  under  the  GNU 
GPL.  But  it  also  offers  a  commercial  license.  According  to 
MySQL  CEO  Marten  Mickos, Cisco  is  a  commercial 
licensee  of  MySQL,  incorporating  it  in  five  products, 
including  its  network  intrusion-detection  software. “They 
came  to  us  and  said, ‘we  love  your  product,  but  our 
lawyers  won't  let  us  use  it  under  the  GPL,’”  Mickos  says. 
With  the  commercial  license, any  changes  Cisco  engi¬ 
neers  make  to  the  source  code  remain  Cisco’s  intellect¬ 
ual  property  and  a  distinguishing  feature  of  its  product. 

Yahoo  has  deployed  MySQL  under  the  GPL  license.“l 
can  download  it,  change  it,  use  it  my  way  forever,  and 
never  pay  them  a  dime,”  Zawodny  says.  Another  benefit  is 
the  community  that  springs  up  around  a  successful  open 
source  program,  fixing,  refining  and  improving  it.  ■ 


Variety  spices  open  source  databases 


Here’s  the  rundown  on  key  open  source  databases. 

Product 

MySQL  4.0 

Red  Hat  database  2.1 

SAP  DB  7.4 

Licensing 

GNU  General  Public  License 
optional  commercial  license. 

No  license  specified. 

GNU  General  Public  License. 

Features 

•  Supports  "broad  subset"  of 
ANSI  SQL99  standard. 

•  Runs  on  Linux,  Microsoft 
Windows,  various  Unix  platforms. 

•  Modular  design  lets  users  plug 
in  different  storage  engines  to  suit 
applications. 

•  Supports  "core  constructs"  of 
ANSI  SQL92  standard. 

•  Runs  on  Red  Hat  Linux  7.3, 8.0 
and  Advanced  Server. 

•  Mature  DB  project  pioneered  25 
years  ago  at  the  University  of 
California,  Berkeley. 

•  Supports  SQL92,  entry  level. 

•  Runs  on  Linux  (Intel),  Microsoft 
Windows,  leading  Unix  brands. 

•  Designed  for  high-volume,  online 
transaction  processing;  100  SAP 
developers  handle  development. 

See  old  apps  combine  with  new  apps. 
See  customers  connect  with  partners. 
See  today’s  stuff  click  with  tomorrow’s 


WebSphere  Business  Integration  is  far  and  away  the  leading  integration  software  for  the  on  demand 
era.  Open  and  flexible,  WebSphere  lets  you  model, /integrate  and  manage  all  of  your  business 
processes.  WebSphere  delivers  an  infrastructure  that  quickly  responds  to  change,  meeting  business 
demands,  on  demand.  For  an  Integration  InfoKit  and  case  studies,  visit  ibm.com/websphere/seeit 


ai  Business  Machines  Corporation  in  the  United  States  and'or  other  countries.  Certain  infottnatoin 
trnmary  2003"  ■  2003  WmterGreen  Research,  Inc.  s?  2003  IBM  Corporation.  All  rightS.mserved: 


IBM,  WebSphere.  the  e-txisiness  logo  and  e-busmess  on  demand  are  registered  trademarks  or  trademarks  of 
contained  within  this  advertisement  is  based  on  results  ot  the  WinterGreen  Study.  'Application  Integration  Ex 
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The  switch  that  adapts 
to  any  environment. 

And  always  will. 


Introducing  the  Matrix™  N-Series 

Scalability  and  security  adapted  to  your  enterprise. 


Because  your  needs  change  so  often,  you 
need  a  switch  that  can  keep  up.  That's  the 
revolutionary  new  Matrix  N-Series. 
Thanks  to  an  exclusive  distributed  architec¬ 
ture — where  all  switching  and  control 
functions  reside  on  each  module — the  N- 
Series  lets  you  cost-effectively  add  bandwidth, 
users  and  applications  on  the  fly.  And  no 
other  switch  offers  such  a  low  entry  cost. 


video  streaming,  VoIP  and  more  without 
expensive  upgrades.  With  unsurpassed 
reliability,  flexibility  and  investment 
protection,  the  N-Series  is  a  key  component 
to  any  Business-Driven  Network.  ™ 

Now  and  always. 

For  more  information,  visit  us  on  the  web 

at  enterasys.com/n-series. 


A  wide  range  of  secure  connectivity 
options  means  the  Matrix  N-Series  will 
scale  to  support  converged  applications  like 


See  the  Matrix  N-Series  at 
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■  THE  INTERNET  ■  EXTRANETS  ■  INTEREXCHANGE  AND  LOCAL  CARRIERS 

■  WIRELESS  ■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


■  MCI,  formerly  WorldCom,  an¬ 
nounced  its  Global  Streaming 

Video  service  last  week.  The  carrier 
is  teaming  with  Yahoo  Broadcast 

Solutions  to  support  the  service. 
Business  customers  can  sign  up  for 
three  hours  of  live  or  archived  video 
streaming  to  up  to  500  simultaneous 
users  for  $7,500.  Customers  also  have 
access  to  an  MCI  Conference  Meet¬ 
ing  Manager  and  30  days  of  video 
archiving.  MCI  transfers  video  content 
to  Yahoo's  streaming  server  through  a 
secure  connection.  Yahoo  hosts,  dis¬ 
tributes  and  archives  the  video  con¬ 
tent.  Global  Streaming  Video  cus¬ 
tomers  provide  their  audience  with  a 
user  ID  and  password. 

■  Internap  Network  Services  is 

enhancing  its  performance-based 
routing  services  with  a  managed  fire¬ 
wall  offering.  The  service  is  geared 
toward  small  and  midsize  businesses 
withT-1  connections.  The  service 
includes  a  Cisco  IOS  firewall  that 
Internap  monitors  24/7.  With  the  ser¬ 
vice,  companies  can  protect  internal 
systems  from  outside  attacks,  and 
monitor  and  manage  connections  to 
the  Internet  from  inside  the  network, 
the  service  provider  says.  The  service 
includes  installation  and  configuration, 
interconnection  with  filtering  services, 
network  address  translation  and 
establishment  of  demilitarized  zones 
for  Web  and  e-mail  servers. 

■  Sprint  PCS  Group  is  targeting  cor 
porate  customers  with  its  latest 
voice-activated  dialing  service.  Called 

Sprint  PCS  Voice  Command  Busi¬ 
ness  Directory,  the  service  lets  a 
customer  set  up  voice-activated  dial¬ 
ing  for  all  Sprint  PCS  wireless  users 
in  the  company.  The  service  is  part  of 
Sprint  PCS  Clear  Wireless  Workplace 
package.  A  network  administrator 
manages  the  directory  through  a 
Sprint  PCS  Web  site,  where  former 
employees  can  be  deleted  and  new 
hires  can  be  added  to  the  list.  Sprint 
PCS  charges  customers  $250  to  set 
up  a  corporate  directory.  Monthly 
charges  start  at  $75  per  month,  in 
addition  to  regular  wireless  rates. 


Sprint  pitches  frame  over  DSL 


■  BY  DENISE  PAPPALARDO 

LAS  VEGAS  —  Sprint  is  promising  to  re¬ 
duce  local  service  costs  by  25%  to  30%  for 
many  customers  with  its  Frame  Relay  over 
DSL  service  set  to  launch  this  week  at  Net- 
World+Interop  2003. 

Pitched  as  alternative  connectivity  to 
local  frame  relay  Sprint  is  using  Covad 
Communications’  local  networks  through¬ 
out  the  country  to  offer  192K  up  to  1.5M 
bit/sec  DSL  connectivity  to  its  frame  back¬ 
bone.  The  carrier  expects  many  low-speed 
frame  relay  customers  to  be  interested  in 
this  offering  because  of  rising  local  access 


charges,  says  Larry  DeNayer,  manager  of 
product  planning  and  integration  at  the 
carrier. 

The  service  also  is  targeting  customers 
looking  for  a  less-expensive  back-up  ser¬ 
vice  that  bypasses  their  incumbent  local 
exchange  carrier. 

“Customers  with  56K  bit/sec  frame  relay 
service  pay  about  $200  [per  month]  for 
aggressively  priced  access,”  DeNayer  says. 
“Frame  Relay  over  DSL  customers  will  pay 
the  same  for  192K  bit/sec  DSL  on  a  three- 
year  contract.” 

The  carrier  says  users  that  compare 
Sprint’s  Frame  Relay  over  DSL  service  with 


Lucent  looks  to  tap 
enterprises  -  again 

Partnerships,  indirect  channels  line  up  for  new  markets. 


■  BY  JIM  DUFFY 

MURRAY  HILL,  N.J.  —  Three  years  after 
spinning  off  its  enterprise  operations  into  a 
new  company  called  Avaya,  Lucent  is  look¬ 
ing  to  re-engage  with  corporations  through 
partnerships  and  indirect  channels. 

Lucent  is  awakening  a  global  business 
partner  program  that  company  officials  say 
has  been  dormant  of  late.  The  company  is 
looking  to  tap  new  markets  and  sources  of 
revenue  to  complement  the  direct  rela¬ 
tionships  it  has  with  the  30  to  50  biggest 
carriers  in  the  world  that  make  up  the 
majority  of  its  sales. 

“Lucent  has  had  some  dark  times  recent¬ 
ly  and  they’re  looking  for  new  opportuni¬ 
ties,”  says  Michael  Doherty,  research  direc¬ 
tor  for  Ovum. 

“They  do  carriers  very  well,  but  not  other 
[markets]  very  well,”  he  adds. 

Although  the  partnership  program’s  pri¬ 
mary  market  is  alternative  service  pro¬ 
viders,  corporations  are  second  on  the  list 
and  their  contribution  to  revenue  is  ex¬ 
pected  to  grow,  says  Frank  Farese,  vice 
president  of  Lucent’s  global  business  part¬ 
ners  program. 

“We  get  great  access  to  the  enterprise 
through  partners,”  Farese  says. 

Lucent  began  to  formalize  its  business 
partner  program  about  six  months  ago 
with  a  $40  million  investment  and  an 
infusion  of  about  210  employees,  Farese 


Lucent's  business 
partner  opportunity 


A  $30  billion  market  in  2003. 


SOURCES:  LUCENT  CORPORATE  STRATEGY, 
IDC,  GARTNER.  PYRAMID  RESEARCH 


says.  Alliances  and  indirect  channels  qui¬ 
etly  racked  up  between  $450  million  and 
$550  million  in  revenue  for  Lucent  last 
year,  or  about  4%  of  the  company’s  overall 
revenue. 

This  year  the  unit  is  expected  to  accumu¬ 
late  between  $550  million  and  $750  mil¬ 
lion,  he  says. 

Seventy-five  percent  of  that  coming  from 
alternative  service  providers  with  the 
remainder  deriving  from  corporations,  gov¬ 
ernment,  storage  and  cable  providers, 

See  Lucent  page  40 


traditional  access  services  at  1M  bit/sec 
likely  will  see  larger  cost  savings. 

One  industry  expert  says  Sprint  is  on  the 
right  track  with  this  offering. 

“This  is  a  positive  development  for 
Sprint,”  says  Michael  Suby  an  analyst  at 
Stratecast  Partners.  The  carriers  have 
expanded  the  reach  of  frame  relay  on  the 
high  end,  offering  45M  bit/sec  support, so  it 
makes  sense  to  also  expand  it  at  the  low 
end,  he  says. 

Sprint  is  offering  symmetrical  DSL 
(SDSL)  and  ISDN  over  DSL  (IDSL).  While 
not  nearly  as  popular  as  SDSL,  IDSL  can 
reach  users  who  are  farther  away  from  a 
carrier’s  central  office  switch  site.  IDSL  sup¬ 
ports  data  transmissions  up  to  144K  bit/sec 
to  users  up  to  39,000  feet  from  a  central 
office.SDSL supports  data  transmissions  up 
to  1.5M  bit/sec,  but  only  for  users  who  are 
within  18,000  feet  of  a  central  office. 

While  DSL  will  offer  users  another  choice 
when  it  comes  to  local  access.it  will  not  be 
useful  for  customers  who  are  paying  some 
of  the  highest  access  fees.Traditional  frame 
relay  access  provisioned  by  local  ex¬ 
change  carriers  can  get  very  expensive  for 
users  in  rural  areas  that  are  many  miles 
from  a  central  office.  And  the  majority  of 
those  customers  will  not  be  able  to  use 
Sprint’s  new  offering. 

Sprint’s  Frame  Relay  over  DSL  includes  a 
standard  service-level  agreement  (SLA). 
The  carrier  guarantees  its  data  delivery 
rate  will  average  99%  at  a  minimum,  and 
port  availability  will  average  99.9%  at  a 
minimum.  The  SLA  also  promises  latency 
will  not  exceed  150  millisec  for  port 
speeds  above  256K  bit/sec  or  130  millisec 
for  port  speeds  below  255K  bit/sec. 

The  service  also  includes  DSU/CSU  gear 
from  Paradyne,  which  connects  to  a  user’s 
existing  frame  relay  router. 

And  although  this  is  a  new  offering  for 
Sprint  and  its  frame  customers,  competi¬ 
tors  have  offered  DSL  to  frame  relay  for 
two  to  three  years.  AT&T  launched  its  DSL 
to  frame  service  at  the  end  of  2000.  The 
carrier  also  offers  users  an  option  of  using 
SDSL  or  IDSL  at  similar  service  rates. 

AT&T  charges  users  $165  per  month  for 
128K  bit/sec  IDSL  link  and  $440  per  month 
for  a  1M  bit/sec  SDSL  link.These  are  AT&T’s 
list  prices  and  do  not  include  discounts. 

MCI,  formerly  WorldCom,  launched  its 
DSL  to  frame  relay  service  in  1999.  MCl’s 
offer  is  available  in  two  flavors:  basic  and 
premium.  The  two  flavors  differ  based  on 
the  carrier’s  oversubscription  rate,  which 
See  Sprint  page  40 
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OpenReach  supports  WLAN  security 


Secure  wireless,  Internet  remote  access 

OpenReach  has  upgraded  its  SSL/IPSec  gateway  to  secure  wireless  LANs. 


Site  B 


OpenReach 

gateway 


A  wireless  device  establishes  an  SSL 
or  IP  Security  session  with  the  local 
OpenReach  gateway,  protecting  the 
link  from  drive-by  hacking,  and  the 
gateway  bridges  the  link  to  another 
local  wireless  device  or . . . 


© 

The  wireless  device  seeks  a  connection 
to  a  second  corporate  site  via  the 
Internet.  In  this  case  the  server 
checks  with  the  OpenReach  point  of 
presence  to  coordinate  a  secure 
connection  to  the  remote  site. 


© 

Either  by  bridging  an  ecrypted 
tunnel  or  establishing  a  second 
tunnel,  the  gateway  completes 
a  link  across  the  Internet  to  the 
second  gateway  that  is  secured 
from  the  wireless  device. 


■  BY  TIM  GREENE 

WOBURN,  MASS.  —  OpenReach  is  up¬ 
grading  its  IP  Security  and  Secure  Sockets 
Layer  services  to  include  protection  of 
wireless  LANs  by  using  secure  tunnels 
and  then  melding  these  local  wireless 
tunnels  into  secure  WAN  connections 
over  the  Internet. 

Version  5.0  of  OpenReach  IP  WAN 
Services  software  lets  OpenReach  secur¬ 
ity  gateways  create  SSL  or  IPSec  sessions 
with  any  flavor  of  802.1 1  wireless  devices, 
shoring  up  the  wireless  security  that 
many  users  don’t  trust  (see  graphic, 
right).  The  gateway  can  tunnel  that  con¬ 
nection  through  to  a  gateway  at  another 
corporate  site  using  the  Internet  as  the 
WAN  connection. 

OpenReach  is  doing  this  via  its  software 
upgrade  and  by  requiring  a  third  network 
interface  card  (NIC)  in  the  server  hardware 
on  which  OpenReach ’s  gateway  software 
runs.  The  third  NICs  create  separate  net¬ 
work  segments  for  connecting  to  wireless 
access  points. 

“This  will  enable  us  to  buy  dumb  access 
points  and  use  the  OpenReach  [gateways] 
for  authentication  [to  the  wireless  net¬ 
work]  ,”  says  Marc  Palano,  IT  director  for 
ITW,  a  manufacturing  conglomerate  in 
Glenview,  Ill.,  that  uses  about  400  Open- 
Reach  gateways. 

With  this  new  feature,  OpenReach  is  get¬ 
ting  in  early  on  a  trend  among  IPSec  VPN 
vendors  of  marrying  local  wireless  and 
WAN  security.  Recently,  SonicWall  intro¬ 
duced  a  device  for  small  offices  that  acts  as 
a  wireless  access  point,  establishes  IPSec 
tunnels  with  local  wireless  devices  and 


also  creates  IPSec  connections  from  that 
site  to  other  sites  over  the  Internet. 

This  fits  in  with  an  emerging  move 
toward  borderless  networks  where  the  LAN 
and  WAN  blend  with  less  of  a  wall  between 
the  two,  says  Michael  Suby,  senior  research 
analyst  with  Stratecast  Partners.  Open- 
Reach’s  LAN-WAN  secure  wireless  bridge 
can  simplify  setting  up  security  between 
sites,  he  says. 

“Perhaps  you  work  with  one  vendor  for 
your  LAN  and  a  different  vendor  for  your 
WAN.  Now  you’re  working  in  wireless,  and 
you  want  a  single  security  policy  without 
gaps.  In  that  case  there  is  value  to  having  a 


single-vendor  approach," Suby  says. 

Potential  vulnerabilities  are  a  key  factor 
that  business  IT  executives  weigh  in 
deciding  whether  to  use  wireless  gear, 
according  to  participants  in  a  recent  user 
roundtable  held  by  Sage  Research. “They 
are  extremely  apprehensive  about  wire¬ 
less  LAN  security,  to  the  extent  that  several 
have  not  deployed  WLANs  at  all  due  to 
security  concerns,”  says  Chris  Neal,  a 
research  director  at  Sage. 

Along  with  the  new  wireless  support, 
OpenReach  IP  WAN  Services  5.0  software 
adds  a  tunnel-forwarding  feature  that  lets 
network  executives  arrange  their  VPN  in  a 


hub-and-spoke  design  to  better  control 
Internet  access.  Each  ITW  site  has  Internet 
access  for  connecting  to  the  VPN,  and  that 
is  all  Palano  wants  that  access  to  be  used 
for.  He  does  not  want  it  to  be  used  for  gen¬ 
eral  Internet  access  because  that  would  re 
quire  installing  expensive  firewalls  at  each 
site,  he  says. 

The  tunnel-forwarding  feature  lets  ITW  re 
strict  branch-office  use  of  the  Internet  to 
create  a  tunnel  with  a  corporate  hub  site. 
All  general  Internet  traffic  from  branch 
offices  is  funneled  down  this  VPN  tunnel  to 
the  hub,  where  it  is  routed  back  onto  the 
Internet  through  the  hub  site’s  firewall. 

This  same  feature  lets  customers  tunnel 
connections  between  their  branch  offices 
by  going  through  a  hub  site  rather  than 
connecting  them  directly  Tunnel-forward¬ 
ing  VPN  connections  among  branch 
offices  are  made  using  two  tunnels,  one 
from  a  branch  office  to  a  central  hub  site 
and  a  second  from  the  gateway  at  the  hub 
and  the  gateway  at  a  second  branch  office. 
This  means  the  branch-office  gateways 
need  just  one  tunnel  configuration  rather 
than  one  for  each  of  the  other  branch 
offices,  greatly  reducing  the  complexity  of 
setting  up  the  gateways. 

Version  5.0  of  the  software  also  supports 
authentication  from  external  Remote 
Authentication  Dial-In  User  Service  and 
Lightweight  Directory  Access  Protocol 
servers,  eliminating  the  need  to  make  sep¬ 
arate  tables  for  the  OpenReach  gateways. 
It  also  allows  use  of  RSA  Security  SecurlD 
and  CryptoCard  authentication.  The  soft¬ 
ware  also  supports  SNMP  so  customers 
can  monitor  their  OpenReach  service  via 
their  LAN  management  systems.  ■ 


Sprint 

continued  from  page  37 

refers  to  the  number  of  users  that  sub¬ 
scribe  to  a  service  compared  to  the  actual 
number  of  ports  the  carrier  has  to  support 
that  service.  The  basic  service  is  oversub¬ 
scribed  at  an  eight-to-one  (eight  users  to 
one  port)  ratio  and  the  premium  service  is 
oversubscribed  at  a  two-toone  (two  users 
to  one  port)  ratio.  Customers  that  subscribe 
to  the  premium  service  should  expect  bet¬ 
ter  throughput  and  network  availability 
because  fewer  customers’  traffic  is  fighting 
for  the  same  port. 

MCI  charges  $225  per  month  for  basic 
and  $300  for  its  premium  128K  bit/sec 
DSL  to  frame  relay.  The  carrier  charges 
$525  for  basic  and  $975  for  its  premium 
1M  bit/sec  DSL  to  frame  service.  And  like 
AT&T,  these  are  MCI’s  list  prices  and  do 
not  include  discounts. 

Sprint’s  Frame  Relay  over  DSL  Service’s 
lowest  bandwidth  option  is  at  192K  bit/sec. 
The  carrier  charges  $515  per  month  for  its 
1 M  per/sec  option  for  users  that  sign  a  one- 
year  contract. 


fcfc  It  makes  sense  to  offer 
multiple  access  choices 
that  allow  carriers  to 
expand  the  reach  of  their 
existing  investment  in 
frame  relay. 

Michael  Suby 

Analyst,  Stratecast  Partners 

Neither  AT&T  nor  Sprint  differentiates 
their  services  based  on  oversubscription 
rates. 

“It  makes  sense  to  offer  multiple  access 
choices  that  allow  carriers  to  expand  the 
reach  of  their  existing  investment  in  frame 
relayf  Stratecast  s  Suby  says. 

Although  frame  relay  has  been  available 
for  more  than  10  years,  the  carriers  still  are 
reporting  annual  growth.  While  IP  might 
be  the  future  of  all  carrier  networks,  frame 
relay  is  still  a  dependable  and  reliable 
data  service  for  business  users.  ■ 


Lucent 

continued  from  page  37 
Farese  says. 

The  impetus  to  formalize  the  partnership 
program  was  not  only  to  grow  that  4%  fig¬ 
ure,  but  to  tap  the  full  sales  potential  of 
products  that  Lucent  has  sold  chiefly  to 
service  providers,  says  Mark  Wilson,  vice 
president  of  sales  and  marketing  within 
the  global  business  partner  program. 
Demand  for  products  such  as  Lucent’s 
VitalSuite  performance  management  soft¬ 
ware  and  OptiStar  storage  networking 
switch  is  building  among  companies, 
Wilson  says. 

“There’s  a  bigger  addressable  market  in 
the  enterprise  space,”  he  says. 

VitalSuite  can  tap  into  a  $800  million 
worldwide  market  and  give  Concord 
Communications’  network  performance 
reporting  software  a  run  for  its  money,  the 
Lucent  officials  say.  OptiStar  can  address  a 
$270  million  Fibre  Channel  over  IP 
SONET/synchronous  digital  hierarchy 
storage  edge  switch  market  led  by 
Computer  Network  Technologies,  the 


company  says. 

Lucent’s  partner  in  attacking  the  enter¬ 
prise  storage  market  is  McData.The  tele¬ 
com  vendor  also  has  partnerships  with 
enterprise  giants  IBM  and  Sun  for  metro¬ 
politan  optical,  massaging  and  customer 
care  sales  opportunities. 

Lucent  even  has  an  arrangement  with 
Avaya  to  offer  ATM  connectivity  for  call 
center  applications,  an  interesting  turn  of 
events,  considering  that  Lucent  jettisoned 
its  enterprise  operations  years  earlier  in 
an  effort  to  focus  exclusively  on  the  ser¬ 
vice  provider  market.That  event  gave  birth 
to  Avaya. 

What  goes  around  comes  around, 
Ovum’s  Doherty  says. 

“That's  this  crazy  world  that  we  live  in,” he 
says.  “We’ve  come  full  circle.  Nothing  sur¬ 
prises  me  these  days.” 

Lucent  plans  to  expand  the  partner¬ 
ship  strategy  into  the  mobility,  services 
and  messaging  markets  next  year,  Farese 
says.  This  will  add  $300  million  in  rev¬ 
enue,  making  the  global  partnership  pro¬ 
gram  a  $1  billion  operation  within 
Lucent,  he  says.  ■ 


SPECIAL  ADVERTISING  SECTION 


Looking  Deeper, 
Running  Stronger 

An  intelligent  infrastructure  maximizes  network  uptime, 
ensuring  around-the-clock  access  and  productivity. 

When  a  network  goes  down,  it  doesn’t  go  down  alone.  Productivity,  profitability,  and  con¬ 
fidence  fall  right  along  with  it.  Professional  and  corporate  reputations  can  get  dragged 
down,  too. 

No  wonder  the  majority  of  businesses  that  depend  on  networks  depend  on  Cisco  Systems. 
An  intelligent  network  infrastructure  based  on  Cisco  switches  and  routers  provides  the 
highest  levels  of  availability,  so  technical  problems  don’t  get  in  the  way  of  business  goals. 

All  Cisco  switches  and  routers  are  designed  to  keep  minor  issues  from  turning  into 
major  ones.  Redundant  hardware  designs,  for  instance,  ensure  that  if  one  processor, 
supervisor  engine,  or  power  supply  unexpectedly  fails,  another  is  there  to  take  its  place. 
Another  example  is  inline  power,  which  can  be  used  to  run  IP  phones  and  wireless 
access  points,  ensuring  all  lines  of  communication  stay  open  in  the  event  of  a  power 
outage.  Additional  features,  such  as  hot-swappable  line  cards  and  network  modules, 
make  it  possible  to  upgrade  and  repair  devices  without  taking  them  out  of  service. 

Several  new  features  collectively  known  as  Globally  Resilient  IP,  or  GRIP,  were  recently 
made  available  as  a  standard  software  upgrade.  GRIP  protects  not  only  future  produc¬ 
tivity  levels,  but  the  value  of  past  investments,  dramatically  improving  the  fault  tolerance 
of  existing  networks. 

And  because  Cisco  switches  and  routers  are  bound  together  by  Cisco  IOS®  Software,  they 
strengthen  and  unify  every  segment  of  the  network,  from  the  enterprise  access  layer 
through  the  backbone  to  the  outermost  reaches  of  the  WAN.  A  Cisco  intelligent  infra¬ 
structure  also  provides  a  wealth  of  information  on  the  health  of  your  critical  business 
systems,  identifying  deteriorating  conditions  before  they  get  out  of  hand. 

The  end  result  is  a  more  reliable  and  manageable  foundation  for  all  your  network-enabled 
applications.  And  when  network  availability  goes  up,  it’s  a  good  bet  productivity  and 
profitability  won’t  be  far  behind. 


Intelligent  networks  increase 
availability  and  productivity 

Cisco  intelligent  switches  and  routers  offer  multiple 
layers  of  redundancy  and  resiliency,  enabling  business 
networks  to  overcome  unexpected  failures,  and  even 
prevent  problems  from  occurring  in  the  first  place. 
Cisco  offers: 

Reliable  hardware  designs:  Redundant  power  supplies, 
fan  trays,  clocks,  route  processors,  switch  fabrics,  and 
supervisor  engines  allow  the  network  to  recover  from 
otherwise  crippling  failures  without  any  disruption  to 
network  services.  Passive  backplanes  with  no  active 
components  simplify  repairs  and  upgrades.  Hot-swap¬ 
pable  line  cards  and  network  modules  allow  changes 
to  be  made  without  taking  a  device  out  of  service. 

Cisco  GRIP  features:  Building  on  past  innovations  such 
as  Dial-on-Demand  Routing  and  Hot  Standby  Router 
Protocol,  new  features  such  as  Stateful  Network 
Address  Translation  (NAT),  Gateway  Load-Balancing 
Protocol,  and  Cisco  Nonstop  Forwarding  with  Stateful 
Switchover  minimize  the  impact  of  network  failures, 
often  rendering  them  imperceptible  to  users. 

Spanning-Tree  Protocol  enhancements:  Exclusive 
features  such  as  Backbone  Fast,  UplinkFast,  and 
PortFast  decrease  recovery  times  after  failures; 

802.1w  Rapid  Spanning-Tree  Protocol  accelerates 
the  restoration  of  uplink  connectivity;  802.1s  Multiple 
Spanning-Tree  Protocol  enables  load  balancing  and 
improves  fault  tolerance  by  providing  multiple  data 
forwarding  paths. 


Cisco  support  services:  Network  Availability 
Improvement  Support  (NAIS)  includes  availability 
assessments,  benchmarking,  and  an  improvement 
process  to  increase  network  availability  and  resiliency. 


Learn  how  the  high-availability  features  of  Cisco  switches  and  routers 
can  deliver  a  greater  return  on  your  investments  in  technology. 

www.nwfusion.com/cisco/highavailability 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


Good  news  about  route  management 


Readers  of  this  column  might  recall 
my  repeated  homilies  —  OK,  you 
can  call  them  rants  —  about  the 
need  for  reducing  operational  costs  in 
large  networks. 

Time  for  some  good  news:  A  new  product 


category  of  “route  managers”  is  poised  to 
have  an  effect  on  the  cost  of  operating 
large  routed  networks.  Assuming  the  tech¬ 
nology  works  as  advertised,  beneficiaries 
include  service  providers  and  large  com¬ 
panies,  which  can  reduce  the  amount  of 
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time  required  to  configure,  troubleshoot 
and  manage  IP  networks.  Oh,  and  these 
products  will  help  make  IP  services  more 
reliable  and  resilient.  Can't  get  much  better 
than  that! 

In  a  nutshell,  the  idea  is  that  you  drop  a 
box  (or  boxes)  into  your  network.  By  lis¬ 
tening  to  the  ongoing  routing  “conversa¬ 
tions”  in  the  network,  these  boxes  quickly 
create  a  Layer  3  map  of  the  network  show¬ 
ing  route  locations. As  the  routes  change, so 
does  the  image  —  letting  you  keep  a  real¬ 
time  view  of  the  network. 

These  products  aim  to  alert  you  early  to 
problems  such  as  an  increase  in  route  flap¬ 
ping,  which  often  presages  a  network  out- 
age.They  provide  real-time  and  retroactive 
root-cause  analysis  capabilities,  letting 
users  uncover  and  address  the  sources  of 
current  and  past  problems.  They  aid  with 
scenario-impact  analysis,  letting  you  do 
what-ifs  and  capacity  planning  before 
making  changes  in  your  network.  In  short, 
they  provide  network  engineers  with 
something  they  haven’t  had  before:  the 
ability  to  visualize  graphically  what’s  going 
on  in  their  networks. 

Note  that  I’m  not  talking  about  router 
management,  which  generally  focuses  at 
looking  at  such  things  as  queue  depths  and 
port  availability  Nor  am  I  referring  to  ele¬ 
ment  management  systems  such  as  HP 
OpenView  and  others,  which  focus  on 
tracking  the  health  and  availability  of 
diverse  network  resources.  Finally,  these 
devices  shouldn’t  be  confused  with  so- 
called  route  optimizers,  which  pass  traffic 
along  different  routes  according  to  prede¬ 
termined  route  selection  criteria. 

The  breakthrough  is  that  the  devices 
provide,  in  essence,  a  router’s-eye  view  of 
an  IP  network,  both  in  real  time  and  from 
a  historical  perspective.  Oddly  enough, 
such  functionality  has  been  missing  since 
the  dawn  of  the  routing  age.  Even  in  the 
most  sophisticated  network  operation 
centers  at  the  largest  companies,  up-to- 
date  route  information  all  too  often  exists 
only  in  the  minds  of  engineers  or  scrib¬ 
bled  onto  barely  legible  whiteboards. 

All  this  translates  into  two  things:  cost  sav¬ 
ings  and  increased  customer  satisfaction. 
By  making  networks  easier  to  trou¬ 
bleshoot,  route  managers  save  valuable 
engineering  time.  By  making  problems  eas¬ 
ier  to  avoid  and  recover  from,  they  improve 
service-delivery  metrics  such  as  mean- 
time-to-repair,  latency  and  uptime. 

The  catch?  This  technology  is  currently 
available  only  from  a  couple  of  start-ups  — 
Packet  Design  and  Ipsum  Networks  —  so 
network  executives  might  face  a  greater- 
than-usual  challenge  in  introducing  the 
technology  into  their  networks.  Packet 
Design  is  exhibiting  this  week  at  Net- 
World+lnterop  in  Las  Vegas.  Ipsum  received 
a  “new  product  achievement  award”  award 
in  January  at  Comnet. 
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Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


>  Step  into  the  future  of  wireless  LANs.  The  Secure  Mobility™  Matrix. 


From  access  points,  to  WEP,  to  VPNs,  wireless  LANs  have  come  a  tong  way. 
(hey  still  aren't  secure,  mobile,  interoperable,  and  manageable. 

ntil  now. 

ntroducing  the  Secure  Mobility  Matrix.  A  revolution  in  WLAN  Infrastructure 
for  the  enterprise.  The  Secure  Mobility  Matrix  starts  with  Bluesocket’s  new 
WGX-4000  Switch  Wireless  Gateway.  Unifying  Bluesocket’s  industry-leading 
Wireless  Gateways,  the  Secure  Mobility  Matrix  easily  conforms  to  enterprise 
network  infrastructure  and  topology.  Any  network  infrastructure— without 
expensive  additions  and  reconfigurations. 


Bluesocket's  family  of  Wireless  Gateways  provides  centralized  control  and 
acts  on  every  packet  that  travels  to  and  from  the  WLAN's  access  points  and 
your  corporate  network.  Any  vendors  access  points,  including  the  ones  you 
already  have. 


Make  the  move  to  an  enterprise-class  WLAN  deployment.  Enforce  security, 
mobility,  interoperability,  and  centralized  management  and  control: 


Get  ready  to  Xcelerate  your  thinking.  Enjoy  exemplary  performance  and  ROI. 
With  the  Secure  Mobility  Matrix.  Only  from  Bluesocket. 


For  more  information,  visit  www.bluesocket.com/matrixnw 


Universal  authentication  and  encryption 

WLAN  policy  based  on  role,  time.  VLAN,  services,  and  bandwidth 
Manage  multi-vendor  AP  environments  and  mobile  devices 


fake  a  journey  to 
NetWoilcT ♦Interop-  2003  Las  Veg.fl 
Booth  704S  to  find  out  more.  Or 
visit  www.bluesocket.convtnatrixnw 

to  discover  what  the  Secure 
Mobility  Matrix  can  do  for  you. 


SECURE  MOBILITY 

WE'RE  NOT  HERE  TO  TELL  YOU 
THAT  ANTI-VIRUS  AND 
FIREWALLS  AREN'T  ENOUGH. 


THAT'S  WHAT  WORMS  ARE  FOR 


Dynamic  Threat  Protection.  The  most  complete  protection  available. 

Most  large-scale  Internet  attacks  completely  bypass  firewalls  and  anti-virus.  We  stop  these 
threats  cold.  How?  Simple.  We  are  #1  in  the  world  for  security  intelligence  and  threat  protection 
technology.  We  deliver  the  fastest,  most  accurate  detection,  prevention  and  response  solution. 
We  call  it  Dynamic  Threat  Protection.  Visit  us  at  www.iss.net/iss-nww  or  call  800-776-2362. 
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Now  you  can  know 
who  made  the  change 
in  addition  to  what, 
when,  where,  and 
how  data  change 
has  occurred. 


Tripwire®  assures  the  integrity  of  your  data 
and  gives  you  the  ability  to  immediately  detect 
and  pinpoint  undesired  change  across  all  your 
servers  and  network  devices.  By  establishing 
a  baseline  of  data  in  its  known  good  state, 
Tripwire  software  monitors  and  reports  any 
changes  to  that  baseline  and  enables  rapid 
discovery  and  recovery  when  an  undesired 
change  occurs.  Thus  ensuring  the  stability  of 
your  information  services. 

Maximize  System  Uptime 

■  Identify  change  quickly 

■  Enable  quick  restoration  to  a  desired  state 

■  Eliminate  risk  and  uncertainty 

increase  IT  Staff  Productivity 

■  Lower  costs  and  frustration 

■  Greatly  reduces  the  time  it  takes  to 
find  and  diagnose  problems 

Failsafe  Foundation  for  Data  Security 

■  Ensure  the  integrity  of  your  data 

■  Enable  detailed  audit  reporting 

B  Maintain  granular  visibility  and  control 


Tripwire’s  Integrity  Assurance  solutions  are 
the  only  way  to  have  100%  confidence  that 
your  systems  remain  uncompromised.  In  the 
event  of  a  change  in  state,  you  will  know  who 
made  the  change  and  exactly  what,  when, 
where,  and  how  change  has  occurred  So 
you  can  recover  quickly. 

For  a  FREE  30-day  fully-functional  demo 
and  copy  of  the  white  paper  “What’s  Good 
for  Operations  is  Good  for  Security”, 

call  toll-free:  1 -800-TRIPWIRE  (874.7947) 
or  visit  http://networld.tripwire.com  today! 
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■  PRODUCTS,  SERVICES  AND  STRATEGIES 

FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


Remote-office  roundup 

N+l  offers  something  for  every  network  executive. 


■  Linksys  recently  began  shipping  its 

Wireless  Dual  Band  A+G  Router 
and  A+G  Access  Point.  The  products 
support  wireless  connections  using 
802.11b  (2.4-GHz)  and  802.11a  (5-GHz), 
and  the  emerging  802.1 1g  (2.4-GHz) 
standard,  letting  users  connect  an 
802.11b  or  802.11a  network  at  a  hot 
spot  or  corporate  office,  and  an 
802.11b  or  802.1 1g  network  at  home. 
The  router  costs  $300;  the  access 
point,  $280. 

■  Linksys  also  recently  began  ship¬ 
ping  gigabit  switches  for  the  desktop. 
Geared  to  small  offices  and  homes 
that  need  to  transfer  large  files  (gam¬ 
ing,  video,  graphics),  the  Gigabit  5- 
Port  and  8-Port  Workgroup 
switches  each  include  automatic 
speed  switching  for  10M,  100M  and 
1000M  bit/sec  speeds.  The  five-port 
switch  costs  $150;  the  eight-port 
switch  costs  $200. 

■  Zone  Labs  has  announced  Integ¬ 
rity  2.2,  the  company's  centrally 
managed  security  product.  Geared  to 
securing  employees’  remote  connec¬ 
tions,  Integrity  2.2  provides  increased 
Check  Point  integration  and  failover 
support.  The  new  version  lets  network 
administrators  create  security  poli¬ 
cies  with  specific  conditional  rules  for 
network  access  at  the  file,  registry 
key  or  memory  process  level.  The  new 
version  offers  a  wider  choice  of  fire¬ 
wall  rules,  including  ports  and  proto¬ 
col  restrictions,  and  application-spe¬ 
cific  rules.  Integrity  2.2  is  slated  to  be 
released  this  summer. 

■  Last  week  SMC  Networks  an¬ 
nounced  it  will  begin  shipping  its  Bar¬ 
ricade  DSL/Cable  Broadband 
routers  with  Zone  Labs  ZoneAlarm 
Pro  with  Web  Filtering.  ZoneAlarm 
adds  a  stateful  packet  inspection  fire¬ 
wall  that  protects  against  hacker  inva¬ 
sions  and  denial-of-service  attacks, 
and  URL  and  keyword  Web  site  block¬ 
ing.  Users  can  control  which  applica¬ 
tions  communicate  with  the  Web  and 
quarantine  suspicious  e-mail  attach¬ 
ments.  Existing  SMC  users  can  down¬ 
load  ZoneAlarm  Pro’s  free  30-day  trial. 


■  BY  TONI  KISTNER 

Now  that  were  all  working  from  every¬ 
where,  network  executives  need  to  track 
technology  up  and  down  the  scale. 

It’s  not  enough  to  be  an  expert  in  remote 
access,  security  and  collaboration  tools. 
Today,  you’re  recommending  and  imple¬ 
menting  small-office  gear  for  home  and 
branch  offices,  too.  Small  office/home 
office  network  vendors  get  it;  that’s  why 
many  are  making  a  strong  showing  at  this 
year’s  NetWorld+lnterop.  Here’s  a  rundown 
of  what’s  new. 

Small  to  midsize  offices 

AEP  Systems,  which  makes  Secure  Soc¬ 
kets  Layer  hardware  security  and  accelera¬ 
tion  gear,  will  announce  a  new  version  of 
SureWare  A-Gate,  an  SSL-based  VPN  appli¬ 
ance  for  small  to  midsize  offices.  The 
device  provides  authenticated  access  to 
internal  applications  from  Web-enabled 
devices.  New  in  Version  1.2  is  a  remote 
desktop  that  lets  users  access  Web-based 
applications  such  as  Microsoft  Outlook, 
Word  and  Excel.The  device  costs  $5,000. 

EmergeCore,  which  develops  all-in-one 
network  products,  will  announce  a  new 
version  of  its  all-in-one  network  device, 
which  it  calls  an  “IT  in  a  Box.”The  IT-100  in¬ 
cludes  20G  bytes  of  storage,  router,  four-port 
switch,  firewall, VPN, Wi-Fi  access  point,  FTP 
server,  e-mail  server  and  multiple-domain 
support. 

EmergeCore  says  nontechnical  user  can 
set  up  and  maintain  the  box  via  the  Web- 
based  interface.  The  device  supports  PCs; 
Macintosh  and  Unix  machines;  and  lap¬ 
tops, Tablet  PCs  and  PDAs.  Unlike  the  previ¬ 
ous  version,  which  cost  nearly  $10,000,  the 
new  version  costs  $  1 ,400. 

Linksys,  which  Cisco  acquired  last 
month,  will  announce  support  for  Wi-Fi 
Protected  Access  (WPA)  in  its  wireless 
gear.WPA  is  a  standards-based  security  pro¬ 
tocol  that  eliminates  most  802. 1 1  security 
issues.  WPA  will  be  offered  as  a  software 
download  on  Linksys’  site. 

More  online! 

For  in-depth  coverage 
of  SSL  VPNs  read  Tim 
Greene's  VPN  newsletter. 

DocFinder:  5629 


Netgear,  which  will  announced  its  IPO 
earlier  this  month,  is  distancing  itself  from 
Linksys  and  other  SOHO  network  vendors 
by  offering  more  “business-focused”  prod¬ 
ucts.  Netgear  will  announce  the  ME103,  an 

802.1  lb  access  point  with  enterprise  secu¬ 
rity  and  detachable  antennas.  The  AP  in¬ 
cludes  IP  Security  (IPSec)  VPN  pass- 


EmergeCore's  IT-100  all-in-one  network 
device  includes  a  router,  four-port  switch, 
firewall,  VPN,  Wi-Fi  access  point  and  more. 

through,  support  for  802.1  lx  for  use  with  a 
Remote  Authentication  Dial-ln  Service 
server  and  support  for  a  slew  of  enterprise 
authentication  protocols,  and  WPA  via  a 
software  upgrade.  Available  in  May,  the 
device  will  cost  $240.  The  company  also 
will  debut  the  ANT2405  5dbi  Omni- 
Directional  Antenna  ($30),  the  directional 
ANT24D18  patch  Pane!  Antenna  ($400), 
and  the  ANT24DBC  DC  Power  Injector 
($75),  products  that  extend  the  range  of 
wireless  networks. 

Netgear  also  debuted  the  FWAG114,  a 
four-port  router  with  built-in  IPSec  VPN, 
stateful  packet  inspection  firewall,  and 

802.1  la/g  dual-band  access  point.  The 
device  supports  two  VPN  tunnels.  It  is 
scheduled  to  be  available  in  June  and  will 
cost  $460. 


Large  offices 

Aspelle  will  wait  until  after  the  show  to 
announce  an  update  to  its  SSL-based  VPN, 
Aspelle  Everywhere,  next  week.Although 
Aspelle  won’t  provide  all  the  details.it  says 
the  new  version  will  include  improved  per¬ 
formance,  intranet  support,  and  portal 
functions  to  simplify  user  setup  and  man¬ 
agement.  Also  new  is  multidomain  support 
within  Microsoft  Active  Directory  and 
application-level  authentication. 

Application-level  access  lets  network 
executives  restrict  access  based  on  authen¬ 
tication  type,  which  ensures  the  protection 
of  sensitive  data  such  as  human  resources 
or  financial  databases.  Aspelle  Everywhere 
provides  access  to  all  corporate  applica¬ 
tions,  including  Web,  Unix,  Windows  and 
legacy  systems.The  new  version  is  slated  to 
be  available  in  May  at  a  price  of  $40,000  for 
100  concurrent  users. 

Aventail,  a  leading  SSL  VPN  service  pro¬ 
vider,  will  announce  a  partnership  with  the 
International  Computer  Security  Assoc¬ 
iation  to  create  a  set  of  SSL  VPN  certifica¬ 
tion  criteria.  At  the  show,  many  SSL  VPN 
vendors  are  participating  in  the  SSL  VPN 
Hotspot,  an  area  for  educating  attendees 
on  the  technology  Earlier  this  month  at  the 
FISA  Security  show,  Aventail  announced 
Pocket  PC  support,  which  will  let  users 
access  corporate  applications  from  their 
devices. 

Neoteris  will  unveil  Version  3.1  of  its 
Instant  Virtual  Extranet  SSL  VPN  appliance, 
and  will  announce  a  partnership  with 
Serocom  to  offer  the  IVE  as  a  managed 
service  in  the  U.K.  Version  3.1  includes  a 
new  Windows-based  Secure  Application 
Manager  (SAM),  that  when  coupled  with 
the  IVE’s  existing  Java-based  manager,  sup¬ 
ports  all  client/server  applications.  It  also 
provides  deeper  integration  with  Oracle 
and  Siebel  platforms,  with  Citrix  coming 
soon.  Pricing  for  IVE  3.1  starts  at  $10,000. 

Proxim,  which  bought  Agere  Systems  last 
summer,  will  announce  the  Orinoco  Gold 

802.1  la/b/g  ComboCard,  the  first  dual¬ 
mode  card  geared  to  corporations.  The 
card,  which  lets  users  connect  to  any  Wi-Fi 
network,  comes  in  two  versions.  Gold 
($130)  includes  a  client  utility  that  lets 
users  manage  and  update  their  wireless 
network  and  security  profiles. Silver  ($1 10), 
which  lacks  the  utility  is  geared  to  less- 
mobile  small  office/home  office  workers. 
Like  Linksys  and  others,  Proxim  plans  to 

See  N+l,  page  48 
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Dr.  Tim  Grieser  is  responsible  for  performance  and  availability 
management  software  research  in  IDC’s  Enterprise  Systems 
Management  Software  program.  His  coverage  includes  service 
level  management  for  systems  and  applications  across  a  wide 
variety  of  platforms. 


A  few  minutes  with  Tim  Grieser, 

VP,  Enterprise  System  Management  Software  Program, 
International  Data  Corp.  (IDC) 


Fight  Data  Center  Complexity  with  Self-Managing  Servers 


>  We  now  hear  the  terms  “self-managing,” 
“self-healing,”  “self-protecting,”  “self-optimizing,” 
“self-configuring,”  “policy-based,”  “holistic,” 
“introspective,”  “autonomic”  and  “smart” 
computing  for  systems  management  software  — 
what  does  this  all  mean? 

All  of  these  terms  refer  to  putting  more  system 
management  intelligence  into  software  tools,  so  that 
problem  detection,  diagnosis  and  response  can  be 
performed  automatically  in  an  increasing  number  of  cases. 

>  Just  how  real  and  proven  are  the  lofty  claims  of 
vendors  about  self-managing  IT  infrastructures? 

Quite  real.  Some  aspects  of  self-management  have  been 
successfully  implemented  in  production  environments  for 
a  number  of  years.  For  example,  scripted  responses  (such 
as  re-booting  a  server)  to  fix  common  problems  (such  as 
running  out  of  available  memory  space)  are  commonly 
deployed.Techniques  such  as  event  correlation  are  used 
to  help  determine  which  of  several  events  is  most  likely 
to  be  the  fundamental  or  “root  cause”  of  a  problem. 


>  How  does  an  enterprise  implement  these 
capabilities  across  dissimilar  platforms,  and  are 
standards  important? 

Typically,  there  will  be  platform-specific  management 
components  (such  as  monitoring  agents  for  Windows  and 
Unix  servers)  linked  to  common  management  components 
such  as  “consoles.”  The  common  management 
components  often  deal  with  automatic  responses  to 
events,  and  also  work  with  higher  level  constructs,  such  as 
applications  and  end-user  views.  Standards  are  useful  in  that 
they  can  enable  easier  data  gathering,  such  as  monitoring, 
across  platforms.  Also,  system  management  tools  often  use 
standards  to  communicate  information  from  basic 
monitors  to  higher-level  management  consoles. 


“What  is  really  important 

in  today’s  complex,  distributed 
environments  is  to  simplify  the 
job  of  system  management.” 


>  Why  is  this  all  so  important  and  what  are  the 
most  significant  benefits  to  the  enterprise? 

What  is  really  important  in  today’s  complex,  distributed 
environments  is  to  simplify  the  job  of  system 
management. With  increasing  platform  complexity,  and 
constraints  on  IT  budgets,  IT  professionals  such  as  system 
administrators  are  being  asked  to  manage  more  and  more 
infrastructure  elements,  such  as  servers,  in  less  time. 
lndeed,“doing  more  with  less”  is  a  common  job 
requirement  for  system  administrators  these  days. 
Intelligent  system  management  software  can  simplify  the 
job  of  administrators  by  automating  responses  to  known 
types  of  problems,  thus  reducing  the  number  of  situations 
that  require  manual  intervention  by  the  IT  expert. 

Benefits  to  IT  include  cost  savings,  the  ability  to  “scale”  to 
manage  ever  increasing  numbers  of  servers  and  server 
images,  and  improved  service  levels  such  as  system 
performance  and  availability. 


>  What  can  we  expect  from  this  technology 
three  years  from  now? 

The  direction  is  clearly  toward  higher  levels  of 
automated  responses,  not  only  to  fix  operational 
interrupts  or  breakages,  but  also  to  address  dynamic 
management  of  resources  (such  as  dynamic  load 
balancing  and  provisioning  servers  as  needed)  in  order 
to  achieve  desired  service  levels.  More  and  more,  the 
objective  is  to  reduce  manual  intervention  to  diagnose 
and  fix  problems,  so  that  higher  levels  of  scalability, 
performance  and  availability  can  be  achieved. 

For  more  information,  please  call  800-874-8647  x385 
or  visit  www.unisys.com/datacenter/sentinel 
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Today  the  Unisys  ES7000  family  of  enterprise 
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servers  comes  with  true  self-managing,  self- 
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healing  systems  to  harness  the  massive  power 

of  up  to  32  Intel  Xeon™  processors.  It  can 
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also  help  simplify  your  operations  through 
standardization  on  Microsoft®  Windows® 
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2000  Datacenter  Server.  One  more  detail: 
the  cost  of  the  ES7000  is  as  low  as  1/3  the 
cost  of  comparable  UNIX  systems. 


Server  Technology  with  precision  thinking, 
relentless  execution  to  drive  your  vision  forward 


Imagine  it.  Done. 

unisys.com  800.874.8647  x3  70 
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NetWorker 


Work  wherever,  however,  whatever 


■  consider  myself  a  mobile  worker,  but 
1  really  only  work  where  I  can  get  an 
Internet  connection. That  limits  me  to 
home,  the  occasional  hot  spot  and 
hotels,  where,  by  the  way,  there’s  still  way 
too  much  dial-up.  Wouldn’t  it  be  great  to 
just . . .  connect? 

Gric  Communications  is  working  on  it. 
The  company,  which  has  sold  enterprise 
worldwide  dial  services  for  years,  last  sum¬ 
mer  released  its  MobileOffice  service. At  its 
core,  MobileOffice  is  a  hosted  remote 
access  service  with  a  bunch  of  partner- 
provided  services.  Applications  include 
Gric  Meeting,  a  Web  meeting  service  using 


WebEx;  GricSFA,  a  sales  tool  from  UpShot; 
and  Gric  Expense  &  Time,  a  billing  service 
by  OpenAir.  For  security  Gric  relies  on 
Secure  Sockets  Layer,  encryption  and  inte¬ 
gration  with  existing  VPN  products. 

Earlier  this  month,  Gric  debuted  a  man¬ 
aged  VPN  and  firewall  service,  using  tech¬ 
nology  from  Blue  Ridge  Networks.  Gric 
handles  round-the-clock  operation,  and  a 
management  console  provides  network 
executives  with  the  ability  to  push  out 
security  policies  to  individual  users  or 
groups. 

Gric  also  is  stepping  up  the  types  of 
access  it  offers.  Gric’s  dial-up  access  busi¬ 
ness  includes  20,000  points  of  presence  in 
150  countries.  A  while  back,  Gric  debuted 
broadband  service  via  Wi-Fi  hot  spots.Thus 
far,  it  has  1,200  access  points  in  14  coun¬ 
tries;  68  airports  in  seven  countries;  seven 
convention  centers  in  four  countries  and 
485  hotels  in  six  countries. 

But  what  about  home-based  workers? 


Earlier  this  month,  Gric  announced  a  new 
version  of  MobileOffice  that  includes  cable 
and  DSL  provisioning  for  enterprise  tele¬ 
workers  through  an  unannounced  aggre¬ 
gator-partner. 

New  management  console  features  help 
IT  managers  enforce  corporate  security 
policies.  For  instance,  a  policy  can  be  set 
that  ensures  remote  workers  always  launch 
the  VPN  when  accessing  the  corporate  net¬ 
work  or  to  kill  the  connection  if  the  VPN 
tunnel  is  lost. 

What’s  compelling  about  MobileOffice  is 
that  as  Gric  adds  more  applications,  you 
don’t  pay  extra.  Of  course,  if  you  contract 
for  the  managed  VPN  or  broadband  ser¬ 
vices,  you  have  to  pay  for  that. 

But  otherwise,  the  service  costs  $25  per 
user,  per  month  for  150  hours  of  dial-up 
usage  and  five  hours  of  Wi-Fi.For  more  Wi-Fi 
time  you  can  get  the  $40  package. 

Users  deal  with  a  single  interface,  and  IT 
managers  deal  with  a  single  service  for 


managing  multiple  connections.  Users  sim¬ 
ply  click  on  the  client  software  and  check 
off  the  connection  method  they  need, 
whether  it  be  broadband,  dial-up  or  Wi-Fi. 
Using  multiple  services  saves  money 

“If  I  use  DSL  at  home, and  dial  up  and  Wi¬ 
Fi  while  traveling,  it  costs  me  about  $120 
per  month,"  says  Bharat  Dave,  CEO  of  Gric. 
“But  with  the  Gric  bundled  service,  I’d  save 
about  30%  or  more  depending  on  usage.” 

What’s  next  for  Gric?  Maybe  a  voice-over- 
1P  application,  Dave  says. 

“When  I’m  in  Japan,  I  go  crazy  because 
my  phones  don’t  work  because  the  stan¬ 
dards  are  different.  But  I  can  always  get  a 
good  IP  data  connection,”  he  says. 
“Wouldn’t  it  be  great  if  I  could  put  a  little 
soft-phone  connection  in  there  and  just 
dial  out?” 

It  sure  would  be. 

Kistner  is  managing  editor  of  Net.  Worker. 
She  can  be  reached  at  tkistner@nww.com. 
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offer  a  WPA  upgrade  via  software  down¬ 
load  when  WPA  is  certified  this  week. 

Ranch  Networks  debuted  the  RN5  In¬ 
tegrated  Security  Switch  for  securing  small 
and  branch  offices.  Ranch  provides  what  it 
calls  managed  zones,  which  segment  the 
LAN  into  multiple  secured  zones, each  with 
specific  stateful  security  policies  for  outgo¬ 
ing  and  incoming  traffic. This  lets  network 
executives  isolate  incoming  VPN  traffic,  iso¬ 
late  portions  of  the  LAN,  or  limit  access  to 


the  rest  of  the  network  from  wireless  LANs 
and  conference  rooms,  for  instance.  The 
RN5  integrates  five  security  zones,  band¬ 
width  management,  autodiscovery  and 
Layer  2  to  4  switching.  The  device  costs 
$12,000. 

ServGate  Technologies,  which  sells  secur¬ 
ity  gateways  for  home  offices  up  to  carriers, 
will  announce  the  FlexForce  Security  Gate¬ 
way  Geared  to  gigabit  networks  in  branch 
offices,  corporations  and  carriers,  the 
device  combines  a  VPN  and  firewall  and 
can  support  WAN  connections  from  10M 
bit/sec  to  gigabit.  The  device  can  be  parti¬ 


tioned  into  separate  security  zones  called 
secure  virtual  gateways,  each  with  its  own 
management  interface,  policies  and  ad¬ 
ministrative  controls.  Pricing  starts  at 
$25,000. 

Whale  Communications  will  show  off  its 
new  e-Gap  Remote  Access  Appliance  AE. 
The  company  differentiates  its  SSL  VPN 
product  from  others  by  focusing  on  secur¬ 
ing  the  location  from  which  users  are 
accessing  corporate  resources,  such  as  air¬ 
port  kiosks.  Whale’s  technology,  called 
Attachment  Wiper,  deletes  all  temporary 
files,  browser  cache,  downloaded  files  and 


pages,  cookies,  history  information,  user 
credentials  and  other  information  that  the 
“untrusted”  browser  records  during  the  SSL 
VPN  session. 

In  addition,  Whale  provides  a  time-out 
mechanism  that  ensures  sessions  are 
closed  when  abandoned,  and  users  who 
are  legitimately  working  aren’t  logged  off.  A 
secure  logoff  replaces  HTTP  Basic 
Authentication,  ensuring  user  credentials 
aren’t  cached  to  the  client  machine. The  e- 
Gap  also  requires  periodic  reauthentica¬ 
tion.  E-Gap  Remote  Access  Appliance  costs 
$23,000.  ■ 


You  Need  Belden’s  New  DataTwist  600e  — 

The  Only  Network  Cable  That  Guarantees  Performance  Beyond  Category  6  Standards. 

Suddenly,  as  quickly  as  Category  6  cable  performance  standards  have  been  adopted.  Belden 
has  made  them  obsolete.  DataTwist  600e  UTP  networking  cable  was  developed  not  only  to  meet 
Category  6  standards,  but  also  to  provide  significant  amounts  of  headroom  above  and  beyond 
them  —  guaranteed.  It's  the  industry's  only  UTP  cable  with  guaranteed  performance  to  600  MHz. 

The  secret?  Belden’s  unique,  patented  Bonded-Pair  technology  that  ensures  uniform  conductor- 
to-conductor  spacing  to  eliminate  performance-robbing  gaps  between  pairs. ..coupled  with 
the  patented  e-Spline  design  that  provides  consistent  pair-to-pair  spacing 
by  placing  pairs  in  individual  chambers. 

The  result: 

•  8  dB  of  Power  Sum  NEXT  headroom  over  Category  6  —  guaranteed. 

•  Nearly  5  dB  of  return  loss  improvement  over  Category  6 

,  ,,,,  .  .  DuPont  is  the  sole 

at  100  MHz  —  guaranteed.  supplier  of  fep  Teiion 

insulation  material  used 

•  An  attenuation  margin  over  Category  6  standards  —  guaranteed.  in  the  plenum  product. 

•  Positive  Power  Sum  ACR  to  460  MHz  —  guaranteed. 


All  of  which  means  better  and  faster  performance  for  you. 
For  more  information  call  1-800-BELDEN-4  to  get  your 
FREE  copy  of  the  DataTwist  600e  Ne.  j  Product  Bulletin. 

www.  belden.  com/DT600eNW.  pdf 
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Tired  of  Sluggish 
Network  Performance  * 
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When  a  system 
goes  down,  the 
meter  starts  ticking. 


Now  there’s  a  solution  that  matches  the  scale  and  pace 
of  your  enterprise.  For  remote  recovery  of  unbootable 
Windows  XP®,  Windows  2000®,  and  Windows  NT®  systems, 
Wintemals  Recovery  Manager™  is  amazingly  fast,  cost  effective, 
and  easy  to  use.  It  automatically  gathers  key  system  data, 
restoring  unbootable  and  unstable  systems  anywhere  in  your 
enterprise  to  a  previous  working  state.  All  in  a  few  minutes,  right 
from  the  administrator’s  desktop. 

Look  at  your  options.  You'll  find  that  Recovery  Manager  is  the  one 
solution  you’ll  want  on  hand  when  a  system  goes  down. 

Recover.  Accelerate. 


Learn  More! 

1-800-408-8415 
www.  winternals .  com 


With  every  tick,  your  enterprise  loses  productivity. 
Your  users  and  customers  lose  their  patience.  Your 
CIO  loses  his  cool.  And  your  administrators  lose 
their  sanity. 


©  2003  Winternals  Software  LP.  All  rights  reserved.  Winternals  is  a  registered  trademark  of  Winternals  Software  LP.  Recovery  Manager  is  a  trademark  of  Winternals  Software  LP 
Windows  XP,  Windows  2000,  and  Windows  NT  is  a  registered  trademark  of  Microsoft  in  the  US  and/or  other  countries. 


Update 

■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


GMPLS  unifies  network  layers 


HOW  IT  WORKS 


GMPLS 

Generalized  Multi-protocol  Label  Switching  can  be 
deployed  in  two  ways:  through  an  overlay  model  or 
peer  model.  In  a  peer  model,  the  router  determines 
the  physical  route  of  a  light  path. 


O  Router  A  sends  RSVP  PATH  message  with  explicit  route  to  adjacent  device  in  optical  network. 

©  Each  optical  network  device  listed  in  Router  A’s  explicit  route  processes  the  PATH  message  and  then  passes 
it  along  to  the  next  optical  device  listed  in  the  explicit  route. 

0  Optical  device  adjacent  to  Router  B  processes  PATH  message  and  sends  it  on  to  Router  B,  the  final  hop  in 
the  explicit  route. 

O  Router  B  sends  RESV  message  in  response  to  PATH  message,  with  explicit  route  to  make  RESV  follow  the  same  path. 

©  Each  optical  device  processes  RESV. 

©  The  optical  device  adjacent  to  Router  A  processes  RESV  message  and  sends  it  to  Router  A.  The  result  is  a 
bidirectional  light  path  between  Router  A  and  B,  with  the  physical  path  being  determined  by  Router  A. 


■  BY  JOHN  STEWART 

Carriers  are  seeking  to  gain  efficiencies 
and  develop  advanced  services  by  merg¬ 
ing  the  worlds  of  IP  and  optical  network¬ 
ing.  However,  first  they  need  to  overcome 
the  extremely  complex  multilayer  architec¬ 
ture  that’s  been  cobbled  together  to  carry 
IP  service  over  networks  designed  to  sup¬ 
port  voice  and  fixed  circuits.  Ultimately, 
they  need  one  control  plane  that  extends 
from  IP  at  Layer  3  right  down  to  the  optical 
transport  level  at  Layer  1 . 

Generalized  Multi-protocol  Label  Switch¬ 
ing  (GMPLS)  aims  to  meet  this  need  by  ex¬ 
tending  network  intelligence  from  the  net¬ 
work  edge  through  the  core  and  back  to 
the  edge  under  a  unified  control  plane. 

A  proposed  IETF  standard,  GMPLS  is  still 
in  development  and  isn’t  expected  to  be 
ready  for  wide-scale  deployment  for  1  to  2 
years.  But  the  technology  isn’t  entirely  new, 
because  it  builds  on  many  of  the  gains  that 
came  through  the  development  and 
standardization  of  Multi-protocol  Label 
Switching  (MPLS),  which  has  simplified 
network  architecture  by  replacing  the 
need  for  ATM  and  frame  relay  equipment 
to  oversee  traffic  engineering. 

MPLS  improves  IP  scalability  and  quality 
of  service  by  creating  virtual  label- 
switched  paths  (LSP)  across  a  network  of 
label  switching  routers  (LSR).  GMPLS’  pri¬ 
mary  enhancement  to  MPLS  is  its  capabil¬ 
ity  to  establish  connections  at  Layer  1. 

GMPLS  can  be  deployed  in  two  ways: 
overlay  model  or  peer  model.  In  an  overlay 
model,  also  called  a  UNI,  the  router  is  a 
client  to  the  optical  domain  and  interacts 
only  with  the  directly  adjacent  optical 
node. In  the  overlay  model,  the  actual  phys¬ 
ical  light  path  is  decided  by  the  optical  net¬ 


work  and  not  by  the  router. 

In  the  peer  model,  the  IP/MPLS  layer  oper¬ 
ates  as  a  full  peer  of  the  optical  transmis¬ 
sion  layer.Specifically  the  IP  routers  are  able 
to  determine  the  entire  path  of  the  connec¬ 
tion,  including  through  the  optical  devices. 

The  aim  of  GMPLS  —  both  peer  and  over¬ 
lay  models  —  is  to  extends  the  reach  of 
MPLS  from  routers  through  to  the  optical 
domain,  where  forwarding  decisions  are 
based  on  time  slots,  wavelengths  or  phys¬ 
ical  ports  (called  “implicit  labels”  in  GMPLS 
terminology),  not  packet  boundaries. 
GMPLS  enables  such  cross-domain  peer¬ 
ing  by  supporting  new  classes  of  LSRs, 


including  dense  wavelength  division  multi¬ 
plexers,  add/drop  multiplexers  and  optical 
cross-connects. 

The  most  significant  aspect  of  GMPLS 
is  the  way  it  influences  how  labels  are 
requested  and  distributed,  bandwidth  is 
allocated  and  network  failures  are 
communicated. 

GMPLS  uses  Interior  Gateway  Protocol 
(IGP)  extensions  to  support  various  link 
types  —  normal,  nonpacket  and  forward¬ 
ing  adjacencies  into  the  link-state  data¬ 
base.  If  nodes  at  both  ends  of  the  link  can 
receive  and  transmit  packets,  GMPLS  iden¬ 
tifies  them  as  a  normal  link.  If  not,  they 


become  a  nonpacket  link.  If  an  LSR  creates 
and  maintains  a  label-switched  path.it  can 
announce  the  LSP  into  the  IGP  as  a  for¬ 
warding  adjacency 

Crucial  to  this  approach  is  GMPLS  defin¬ 
ing  the  hierarchy  of  LSPs.This  lets  the  nest¬ 
ing  of  LSPs  support  the  establishment  of 
traffic  trunks.  The  function  is  similar  to 
MPLS’  support  for  label  stacking,  in  which 
many  smaller  LSPs  can  be  aggregated  into 
one  larger  LSP  GMPLS  operates  much  the 
same  as  LSPs  operate,  which  is  as  a  virtual 
representation  of  physical  paths. 

Under  the  hierarchy  GMPLS  sets  up,  LSPs 
that  begin  and  end  with  packet-switched 
nodes  are  at  the  bottom,  followed  in 
ascending  order  by  those  tied  to  TDM 
switching  nodes,  lamba  switching  nodes 
and  fiber  switching  nodes. 

GMPLS  is  expected  to  help  service  pro¬ 
viders  dynamically  provision  bandwidth 
and  capacity  improve  network  restoration 
capabilities,  and  reduce  operating  expens¬ 
es.  New  revenue-generating  services  such 
as  optical  VPNs  also  might  spring  from 
GMPLS.  Another  anticipated  gain  comes 
from  GMPLS  supporting  open  standards. 
This  will  let  carriers  use  best-of-breed 
equipment  as  they  build  out  their  networks. 

Demand  for  GMPLS  should  grow  as  IP 
traffic  and  services  increases.  Yet  chal¬ 
lenges  remain.  Vendors  need  to  establish 
business  cases  that  support  GMPLS’  intro¬ 
duction.  And  if  companies  are  to  gain 
maximum  efficiency,  they  must  overcome 
their  own  organizational  roadblocks  that 
separate  optical  transport  and  IP  admin¬ 
istrative  domains. 

Stewart  is  director  of  product  strategy  for 
Juniper.  He  can  be  reached  at  jstewart@ 
juniper.net. 


Dr.  Internet  By  Steve  Blass 

We  are  building  a  network  similar  to  one  you 
described  in  your  April  14  column  (www.nw 
fusion.com,  DocFinder:  5567).  We  prefer  the 
security  of  the  private-line  method  to  using 
frame  relay  to  interconnect  our  LANs.  Would  a 
private-line  network  connecting  three  nodes  with 
two  spokes  connected  to  a  hub  require  us  to 
install  and  configure  an  IP  router  at  the  hub  site 
just  to  move  traffic  from  one  spoke  node  to  the 
other?  Or  can  we  make  the  connection  directly? 


In  a  three-nodedT-1  network,  where  one  hub 
node  is  connected  to  two  spoke  nodes,  you  can 
terminate  eachT-1  on  dual-channel  CSUs  with 
one  port  on  each  CSU  feeding  different  ports  on 
a  router  at  the  hub.  This  way,  the  through  re¬ 
quirement  for  connecting  Spoke  1  to  Spoke  2  via 
connections  to  the  hub  site  can  be  achieved  by 
interconnecting  the  second  port  on  each  CSU 
with  a  crossover  cable  (as  long  as  your  routers 
and  CSUs  provide  for  defining  the  appropriate 


channels  for  yourT-ls).  Adtran  and  Cisco  make 
this  relatively  easy.  Additional  spoke  nodes  can 
be  added,  but  they  require  additional  CSU  ports 
and/or  routing  facilities.  Expandability  is  one  of 
the  attractions  of  using  frame  relay,  or  even 
Internet  VPN  networking. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 


The  Trapeze  Networks 


Wireless  LAN  Mobility  System 


ELIMINATING  THE  WORRY  FROM  ENTERPRISE  WIRELESS 


Enterprise  IT  managers  have  good  reasons  to  be  wary  of— and  worried  by— wireless  LANs  (WLANs).  Truly 
revolutionary  technologies  tend  to  be  disruptive,  especially  when  they're  randomly  deployed  by  end  users 
rather  than  rolled  out  enterprise-wide  by  IT  professionals.  The  original  PC  networks  are  a  perfect  case 
in  point.  Once  users  sampled  client-server  computing,  corporate-issue  dumb  terminals  and  their  heavy- 
metal  hosts  were  history.  Unfortunately,  end-user  concerns  rarely  extend  beyond  their  own  workgroups 
and  departments.  Once  their  do-it-yourself  deployments  were  up  and  running,  IT  was  tasked  with  standard¬ 
izing,  securing  and  stabilizing  them— making  sure  the  marketing  LAN  could  communicate  with  sales,  while 
preventing  access  to  HR  files.  Still,  it  took  years  for  IT  to  regain  control  of  corporate  technology  initiatives. 
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WLANs  could  well  spark  off  an  even  more  intense  power  struggle. 
Security  concerns,  integration  issues  and  a  shortage  of  pre-  and 
post-deployment  enterprise-class  planning  and  management  tools 
warn  IT  managers  to  proceed  with  caution.  Users,  meanwhile, 
aren't  willing  to  wait. 

The  question  isn't  /Yor  when  wireless  will  come  to  the  enterprise. 
It's  already  here.  The  real  issue  is  who  will  control  it.  End  users 
want  the  freedom  to  access  apps  and  services  without  being 
tethered  to  an  IP  port. 

IT  managers,  in  contrast,  can't  lose  sight  of  the  big  picture.  They 
don't  see  a  workable  way  to  implement  secure,  scalable  enter¬ 
prise  WLANs.  The  lack  of  effective  tools  for  planning,  deployment 
and  management  makes  them  understandably  skittish.  And 
"enterprise-class"  WLAN  vendors  typically  treat  wireless  as  an 
add-on  rather  than  an  integral  part  of  the  enterprise.  That  may 
free  end  users  to  roam;  it  also  gives  IT  managers  two  infrastruc¬ 
tures  to  deal  with:  one  wired,  the  other  wireless.  Given  the 
severe  budgetary  and  personnel  restraints  on  today's  IT  depart¬ 
ments,  throwing  twice  as  much  work  at  them  may  simply  burn 
out  staff  in  half  the  time— to  the  detriment  of  both  networks. 

Trapeze  Networks:  Enterprise  WLANs  Done  Right 

Revolutionary  challenges  demand  revolutionary  solutions. 

That's  precisely  what  Trapeze  Networks  provides  with  its  Trapeze 
Mobility  System,  the  first  scalable  WLAN  infrastructure  that  offers 
seamless  integration,  secure  mobility,  and  true  enterprise-class 
planning,  deployment  and  management  tools. 

The  Trapeze  Mobility  System  comprises  four  elements:  the 
Mobility  Exchange’"  (MX’“),  Mobility  Point”  (MP”),  Mobility  System 
Software”  and  RingMaster”.  For  authentication,  authorization  and 
accounting  (AAA),  Trapeze  is  tightly  coupled  to  a  number  of 
authentication  servers,  including  Microsoft's  Internet  Authenti¬ 
cation  Server  (IAS)  and  Funk  Software's  Steel-Belted  RADIUS. 


The  Mobility  Exchange  represents  a  new  class  of  networking 
devices  that  enables  users'  identities  to  follow  them  as  they 
roam.  The  Mobility  Point  is  closely  integrated  with  the  Mobility 
Exchange;  together,  they  establish  a  distributed  architecture  that 
shares  a  systemwide  control  and  data  plane.  The  Mobility  System 
Software,  which  runs  on  Mobility  Exchanges  and  Mobility  Points, 
seamlessly  integrates  the  wireless  and  wired  infrastructures.  And 
RingMaster  is  a  comprehensive  suite  of  Java-based  planning, 
deployment  and  management  tools. 

The  Trapeze  Mobility  System  fulfills  the  three  fundamental 
requirements  of  an  enterprise  WLAN.  First,  it  eliminates  the 
distinction  between  wired  and  wireless  infrastructures.  Second, 
it  furnishes  a  full  suite  of  powerful,  easy-to-use  pre-  and  post¬ 
deployment  planning  and  management  tools.  Finally,  it  enables 
end  users  to  work  wherever  they  choose  without  compromising 
enterprise  security. 

What's  Wrong  with  This  Picture? 

To  put  the  Trapeze  Mobility  System  into  perspective,  consider  just 
a  few  of  the  shortcomings  of  other  WLAN  offerings. 

WLAN  products  are  not  enterprise-ready.  Conventional  access 
points  (APs)  are  suited  to  workgroups  or  small  SOHO  sites.  They 
support  a  small  number  of  users  and  can't  address  enterprise- 
class  security,  scalability  and  management.  Wireless  appliances 
add  a  few  features,  but  they  require  IT  managers  to  become 
system  integrators,  installing  and  maintaining  a  complex 
assortment  of  point  products. 

Roaming  reduces  WLAN  security.  On  wired  networks,  end  users 
are  supposed  to  stay  in  one  place.  Maintaining  security  depends 
on  limiting  mobility.  Granting  end  users  freedom  of  movement 
without  sacrificing  security  means  adding  complex  routing  proto¬ 
cols  to  the  backbone  and  installing  software  on  all  user  clients — 
a  costly,  time-consuming  task. 


Planning  and  integration  tools  aren't  up  to  the  task.  Current 
wireless  design  and  configuration  tools  typically  force  IT  managers 
to  perform  manual  site  surveys,  trudging  through  buildings  and 
manually  measuring  radio-frequency  (RF)  signals.  That's  far  too 
labor-intensive  for  enterprise  WLANs,  which  will  require  hundreds 
of  APs.  What's  needed  are  tools  that  deliver  the  enterprise-wide 
view,  enabling  IT  managers  to  plan  and  configure  the  WLAN 
before  installing  equipment  (and  without  going  for  a  hike)  and 
then  deploying  everything  with  a  click  of  the  mouse. 

Seamless  Integration  with  Existing  Infrastructure 

Since  the  Trapeze  Mobility  System  was  built  to  seamlessly 
integrate  wireless  and  wired  infrastructures,  it  doesn't  require  IT 
managers  to  wrestle  with  workarounds,  maintain  separate  net¬ 
works  or  treat  WLANs  as  second-class  citizens.  There's  also  no  need 
to  run  complex  network  protocols  like  Mobile  IP  or  add  client  soft¬ 
ware  to  accommodate  wireless  users.  Air  becomes  just  another 
medium,  like  optical  fiber  or  unshielded  twisted-pair  wire. 

Identity-Based  Networking  is  central  to  seamless  integration. 

It  allows  users  to  maintain  the  same  set  of  access  rights,  virtual 
LAN  (VLAN)  and  subnet  memberships  and  other  profiles  and 
permissions  whether  they're  on  the  wired  or  wireless  LAN. 
Essentially,  this  means  basing  security  and  access  control  on  user 
identity  rather  than  physical  ports,  as  traditional  switches  and 
routers  do.  Trapeze  can  even  track  multiple  devices  belonging  to 
the  same  user— laptop,  PDA  and  digital  phone— an  ability  no 
wired  network  can  match. 

Secure  Mobility 

Identity-Based  Networking  is  also  used  to  ensure  secure  mobility. 
VLANs  and  subnet  memberships  follow  users  as  they  roam,  keeping 
them  on  the  same  VLANs  they  joined  on  the  wired  network. 


This  is  possible  because  the  Trapeze  Mobility  System  Software 
dynamically  sets  up  and  tears  down  VLANs  over  the  airlink  in  real 
time.  All  the  existing  network  engineering  on  the  wired  network 
such  as  roaming  policies,  encryption,  access  control  lists  (ACLs), 
class  of  service  (CoS),  quality  of  service  (QoS)  and  routing  policies 
are  leveraged  across  the  wired  and  wireless  LAN. 

Managing  users  according  to  identity  is  a  proven  practice  based 
on  the  principles  of  AAA.  The  largest  subscriber-based  networks 
in  the  world,  including  AOL,  also  rely  on  AAA  to  implement  user- 
based  management  and  security.  Network  operating  systems  like 
Microsoft  Windows  2000  server,  as  well  as  remote-access  systems 
based  on  RADIUS,  also  fully  support  this  approach. 

It  is  the  Trapeze  Mobility  System  Software's  unprecedented  level 
of  system  intelligence  and  its  ability  to  leverage  the  integrated 
data  plane  shared  by  the  Mobility  Exchange  and  the  Mobility 
Point  that  enables  it  to  dynamically  create  and  tear  down  VLANs. 
This  revolutionary  approach  ensures  that  roaming  remains 
transparent  to  users  and  IT  managers.  There's  no  need  for  users 
to  log  on  more  than  once  or  for  IT  to  modify  clients  or  the 
network  backbone. 

Compare  Trapeze's  transparency  with  the  unwieldy  approach 
offered  by  Mobile  IP.  The  protocol  initiates  IP  Security  (IPsec) 
tunnels  and  performs  network  address  translation  (NAT)  for 
every  mobile  user,  changing  addresses  as  users  move.  Because 
Trapeze  employs  a  Layer  2  solution  to  deal  with  a  Layer  2  issue— 
VLANs— there's  no  need  to  alter  IP  addresses,  which  makes 
troubleshooting  easier. 


IDENTITY-BASED  NETWORKING:  THE  KEY  TO  SECURE  MOBILITY 


All  wired  network  security  is  based  on  two  premises: 
1)  users  are  physically  connected  to  a  switch  or 
router  port  and  2)  those  users  stay  in  one  place. 

Even  802. IX  and  802.1 1  i  expects  wireless  users  to 
remain  stationary.  What's  missing  is  mobility,  the 
fundamental  benefit  of  WLANs.  But  roaming  rips 
holes  in  security  schemes. 

Trapeze's  solution  for  secure  mobility  is  based  on 
Identity-Based  Networking.  Users'  identities  follow 
them.  Users  maintain  the  same  VLAN  membership, 
encryption,  roaming  policies  and  data  path.  IT  can 
also  track  users  with  multiple  devices.  What's  more, 
Identity-Based  Networking  is  transparent  to  users 
and  IT  since  users  only  log  in  once.  There's  no  need 
to  deploy  new  client  software  or  add  new  protocols. 
No  appliances  are  needed. 

Early  WLAN  designers  implemented  secure  mobility 
by  assigning  all  wireless  users  to  a  single  VLAN  with¬ 
in  a  demilitarized  zone  (DMZ)  and  installing  virtual 
private  network  (VPN)  software  on  every  wireless 


client.  That's  a  costly  administrative  nightmare. 

The  Gartner  Group  estimates  that  it  costs  $250  every 
time  IT  has  to  touch  a  client  PC.  Designed  for  dial-up, 
using  IPsec  VPNs  simply  doesn't  scale  enterprise-wide. 

With  this  approach,  users  had  two  identities  and  two 
sets  of  access  rights— one  when  wired,  the  other  for 
wireless.  Since  all  wireless  users  are  on  a  single 
VLAN,  they  all  have  the  same  rights  and  permissions, 
from  the  CEO  to  the  receptionist.  A  single  VLAN  does¬ 
n't  scale,  so  as  more  users  get  on  the  WLAN,  the 
broadcast  domain  breaks  down. 

Another  workaround  is  to  use  Mobile  IP,  along  with 
NAT  and  IPsec  VPNs.  Mobile  IP  means  changes  to  all 
the  edge  routers  and  either  client  Mobile  IP  software 
or  APs  running  a  proxy  Mobile  IP  client.  Since  so  few 
IT  managers  are  willing  to  deploy  new  client  soft¬ 
ware,  the  proxy  approach  is  favored.  And  since 
Mobile  IP  is  a  routing  protocol,  those  APs  become 
"ceiling  routers."  Additionally,  processor-intensive 
Mobile  IP  software  could  mean  expensive  router 


upgrades.  Relying  on  NAT  to  change  the  client's  IP 
addresses  as  users  roam,  Mobile  IP  makes  trouble¬ 
shooting  more  difficult  as  maintaining  a  large-scale 
NAT  implementation  is  extremely  complex. 

Recently,  some  vendors  are  using  the  SSID  to  create 
multiple  wireless  VLANs.  SSID  supports  a  limited 
number  of  VLANs,  and  each  one  must  be  created  at 
every  AP  that  IT  anticipates  users  will  employ.  Thus, 
all  VLANs  must  be  configured  everywhere,  which 
means  significant  configuration  changes  to  switches 
and  routers. 

Finally,  there's  the  appliance  approach  to  secure 
mobility,  which  forces  IT  to  become  system  integra¬ 
tors.  In  this  scenario,  IT  managers  end  up  overseeing 
a  network  of  VPN  appliances  that  aren't  integrated 
with  the  underlying  WLAN.  Appliances  also  aren't 
air-aware,  which  severely  limits  their  ability  to 
detect  and  locate  rogues. 


Equally  impressive,  Trapeze  maintains  multiple  broadcast 
domains,  while  isolating  one  from  another.  Thus  it  supports  all 
VLANs  defined  on  the  wired  network  across  its  WLAN  without 
creating  any  limitations.  That's  a  vast  improvement  over  wireless 
schemes  that  create  VLANs  via  service  set  identifiers  (SSIDs), 
which  severely  limit  the  number  of  VLANs  and  restrict  end 
users'  ability  to  roam. 


Mobile  IP 

Service  Set  Identifier 
(SSIO)  per  VLAN 

AAA-Based 

End-user  Configuration 

Special  client  software 
or  client  proxy 

Must  configure  the  right 
SSID;  SSIDs  are  hidden 

Only  one  SSID  to  pick 

Enforced  VLAN 
Membership 

Yes,  based  on  IP  address 

No,  SSID  is  user- 
selectable 

Yes,  based  on  user 
authorization 

Backbone  Impact 

Very  large;  new  protocol 
on  edge  routers 

Large;  push  all  802. IQ 
VLANs  down  to  APs 

None;  connect  mobility 
switch  to  backbone; 
mobility  switches  tunnel 

Scaling 

No  deployments  since 
inception  (1995) 

Unproven 

Proven  to  millions; 
example:  AOL 

Overhead 

Tunnel  per  user;  route 
table  entry  per  user;  IP 
address  consumption 

Every  VLAN  everywhere; 
hidden  SSIDs 

Optimized  AAA 
(EAP  processing; 
roamed  AAA) 

Comparing  Secure  Mobility  Approaches 


HALT,  WHO  GOES  THERE? 

Just  because  users  can  roam  doesn't  mean  they  should  be 
allowed  to  roam  everywhere.  IT  may  want  to  limit  mobility  for 
security  reasons  or  to  conserve  bandwidth.  Using  the  Trapeze 
RingMaster  tool  suite,  administrators  define  mobility  profiles 
that  indicate  where  users  can  and  can't  go.  For  instance,  IT  may 
not  want  visitors  to  roam  outside  of  conference  areas,  while 
giving  employees  the  run  of  the  building.  RingMaster  defines 
mobility  profiles  based  on  user,  group  or  domain. 

Additionally,  RingMaster  and  Identity-Based  Networking  take 
authorization  to  a  new  level  of  granularity:  User-based  ACLs. 
Typically,  routers  use  ACLs  to  govern  device  access  rights. 
User-based  ACLs,  in  contrast,  further  focus  mobility  profiles; 
for  example,  IT  could  grant  guests  Internet  access  but  prevent 
them  from  reaching  internal  resources. 

Trapeze  helps  IT  managers  severely  limit,  if  not  completely 
eliminate,  rogue  attacks.  Only  authenticated  users  can  communi¬ 
cate  over  the  network  and  all  communications  over  the  air  is 
encrypted.  What's  more,  Trapeze  eliminates  the  drudgery 
associated  with  rogue  detection,  which  typically  requires  IT 
personnel  to  walk  the  floor  performing  manual  RF  checks,  a 
hit-or-miss  proposition  at  best.  Instead,  RingMaster  performs 
an  RF  sweep,  mapping  the  network  RF  topology  and  coverage. 
From  there,  IT  managers  can  authenticate  unknown  users  or 
investigate  further  if  a  rogue  is  suspected. 

When  RingMaster  performs  an  RF  sweep,  it  listens  to  all  channels, 
not  just  those  the  Mobility  Points  are  using  to  carry  production 
traffic.  Some  rogue  detection  schemes  listen  only  for  beacons,  but 
savvy  hackers  can  easily  turn  off  beaconing  on  rogue  APs  when 
they're  trying  to  penetrate  network  defenses.  Finally,  Trapeze 
doesn't  deploy  "sensor"  Mobility  Points,  which  only 
listen  for  rogues  without  carrying  production  traffic.  Every  part 
of  the  Trapeze  Mobility  System  pulls  its  weight. 


Trapeze's  Identity-Based  Networking  also  gives  IT  help-desks  a  big 
hand.  When  users  on  wired  networks  open  a  trouble  ticket,  tech 
support  typically  asks  for  the  number  of  their  network  port. 

WLANs  don't  have  network  ports,  and  there's  no  way  for  users  to 
know  which  Mobility  Point  they're  on.  No  problem.  All  the  help 
desk  has  to  ask  is  "What's  your  user  name?"  If  the  answer  is 
"Bob,"  then  RingMaster  is  queried,  "Where's  Bob?"  It  not  only 
locates  him  but  also  pulls  up  a  complete  history  of  where  he  has 
roamed,  where  he  was  authenticated  and  how  much  bandwidth 
he  has  consumed. 

Intelligent  Planning  and  Management 

VIRTUAL  SITE  SURVEYS  YIELD  REAL  RESULTS 

As  indicated,  Trapeze  significantly  simplifies  WLAN  planning, 
deployment  and  management.  For  example,  there's  no  need  to 
perform  a  manual  predeployment  site  survey.  Instead,  an  IT 
manager  works  with  RingMaster's  easy-to-use  interface  to  per¬ 
form  automated  virtual  site  surveys,  capacity  and  RF  planning, 
and  offline  configurations. 


^RingMaster 

The  process  begins  by  importing  building  floor  plans  in  standard 
file  types,  such  as  AutoCAD,  JPEGs  and  GIFs.  RingMaster's  wizard 
then  prompts  the  IT  manager  for  the  information  needed  to 
establish  coverage  areas,  including  the  size  of  departmental 
offices,  labs  and  conference  rooms. 


RingMaster  topology  mapping  allows  IT  to  verify  planned  RF 

COVERAGE  IN  DESIGNATED  AREAS  SUCH  AS  MARKETING  AND  ENGINEERING. 


B  Modify  WrfW 


Next,  RingMaster  asks  for  other  metrics,  such  as  the  number  of 
users  and  how  much  bandwidth  their  applications  require.  The  IT 
manager  may  decide  that  each  member  of  the  50-person  market¬ 
ing  group  gets  1  Mbps,  while  the  200  users  in  manufacturing 
receive  500  Kbps  apiece.  Once  the  WLAN  design  is  approved, 
RingMaster  generates  installation  drawings  and  work  orders 
displaying  the  location  and  the  number  of  Mobility  Points  that 
need  to  be  deployed. 

When  IT  is  ready  to  deploy  the  WLAN,  RingMaster  automatically 
pushes  all  configurations  out  to  the  Mobility  Exchanges  and 
Mobility  Points— with  one  click  of  the  mouse.  Post-deployment, 
it  also  verifies  RF  coverage,  maps  network  topology  and  auto¬ 
matically  distributes  traffic  to  optimize  performance.  Running 
standalone  or  integrated  into  Hewlett-Packard's  OpenView 
management  framework,  RingMaster  keeps  tabs  on  systemwide 
faults  and  events  and  collects  and  graphs  performance  statistics. 

Early  on,  IT  managers  paid  close  attention  to  WLAN  RF  coverage— 
which  is  something  like  optimizing  a  wired  network  according  to 
cable  length.  Capacity  is  a  far  more  important  design  consideration. 


RF  Obstnde  Setup 


Description 
Obstacle  Type 

Attenuation  Factor  for  802.1 1  a  (dB) 
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Concrete 
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Create  Coverage  Area  for 
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Dimensions 
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LOSING  THE  SIGNAL 

With  RF,  it's  critical  to  consider  how  building  layouts  and  physical 
objects  will  affect  signal  loss.  Walls,  windows  and  cubicles  absorb 
RF  signals  at  different  rates.  Different  walls,  in  fact,  exhibit  differ¬ 
ent  signal-loss  characteristics.  To  address  these  discrepancies, 
RingMaster  includes  a  library  of  attenuation  factors  to  help 
calculate  signal  loss. 


IT  MANAGERS  CAN  USE  RINGMASTER 
10  RUN  OFFUNE  W  H  A  T  -  I  F  SCENARIOS 
WITH  VARYING  BANDWIDTH,  DISTANCE 
AND  ATTENUATION  FACTORS  TO  HELP 
WITH  CAPACITY  PLANNING.  FOR  INSTANCE, 

RingMaster  can  quickly  determine 

HOW  MANY  MORE  MOBILITY  POINTS 
WOULO  BE  NEEOEO  TO  DELIVER  1  MBPS 
TO  EACH  USER  IN  MANUFACTURING, 
RATHER  THAN  500  KBPS  PER  USER. 
RingMaster  also  rapidly  models 
HOW  DEPLOYMENTS  will  differ 
using  802.1  1a  or  802.1  1  b. 

All  calculations  are  performed 

IN  REAL  TIME. 
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Designing  an  enterprise  WLAN  to  deliver  sufficient 
capacity  may  seem  counterintuitive  at  first,  since 
most  pilot  or  workgroup  WLANs  stress  RF  coverage. 

In  the  enterprise,  however,  the  challenge  is  not  how 
far  the  RF  signal  can  travel  but  how  to  deliver 
enough  bandwidth  to  meet  the  demands  of  business 
applications.  In  short,  plan  for  optimal  capacity  and 
complete  coverage  will  automatically  follow. 

Some  key  design  principles  include: 

Coverage  and  Oata  Rate.  Data  rate  is  a  function  of 

is  from  the  access 
Sgnal  and  the  lower 


INDOOR  RAD 
100  f 


DATA  RATE 

802.11b  11  Mbps 

802.11a  36  Mbps 


WLAN  architects  may  want  to  set  5.5  Mbps  as  the 
lowest  allowable  association  rate  for  an  802.11b 
network,  so  that  if  the  signal  quality  drops  below 
that  threshold,  the  user  is  forced  to  associate  wit 
new  Mobility  Point.  One  end  user  associ 
Mbps  will  slow  down  the  entire  cell,  since  it 
take  longer  for  the  Mobility  Point  to  communicate 
with  that  user.  . 

~te.  The  number  of  users  and 
najor  determi- 
ich  will  in  turn 
office  or  if  user 
a  higher 

greater  throughput.  Figure  1  shows 
cell  sizes  affect  the  user  experience. 

Application  Bandwidth.  A  good  rule  of 
for  an  802.11a  network  is  to  allow  for  2  Mbps 


downstream  and  2  Mbps  upstream,  which  roughly 
replicates  user  experience  on  a  wired  LAN.  It's  critical 

to  remember  that  WLANs  are  a  shared  rather  than  a 
switched  medium.  For  an  802.11b  network,  allow 
500  Kbps  in  each  direction.  This  will  deliver  a  user 


User 


100  USERS 
11  Mbps 
3  Mobility 
17  Mbps  total  throughout 


In  addition,  RingMaster  centralizes  the  configuration  process  by 
maintaining  one  systemwide  image  of  all  Mobility  Exchanges  and 
Mobility  Points  it  uses  to  automatically  assign  power  levels  and 
RF  channels.  IT  managers  can  easily  clone  these  images;  if  a  new 
Mobility  Point  is  added,  RingMaster  automatically  recalculates 
the  channel  assignments  and  power  levels  of  all  affected 
Mobility  Points. 

Further,  RingMaster's  RF  sweeps  enable  it  to  superimpose  the 
actual  RF  topology  onto  the  original  WLAN  design.  Because  the  RF 
environment  constantly  changes,  this  real-time  feature  is  critical 
for  troubleshooting  and  for  air  awareness. 

The  Trapeze  Mobility  System  also  supports  third-party  APs.  It 
stores  their  IP  addresses  to  establish  a  centralized  management 
point  and  records  their  RF  assignments  in  order  to  optimize 
channel  allocations  for  nearby  Trapeze  equipment.  Once  the 
WLAN  is  up  and  running,  the  system  automatically  excludes  these 
sanctioned  third-party  APs  from  its  list  of  rogues  and  verifies 
their  RF  coverage  areas  during  RF  sweeps. 

Finally,  RingMaster  can  detect  pockets  of  congestion  by  mapping 
which  users  are  associated  with  a  specific  Mobility  Point.  If  traffic 
is  especially  heavy,  users  will  automatically  be  associated  with  a 
less  utilized  Mobility  Point.  These  real-time  reassignments  are 
possible  because  RingMaster  configures  the  Mobility  Exchange 
and  Mobility  Point,  while  the  Mobility  Exchange  controls  the 
Mobility  Point's  802.11  associations  and  power  level. 


Mobility  Exchange  and  Mobility  Point 
The  Mobility  Exchange  is  the  industry's  most  advanced  wireless 
networking  device.  As  discussed,  it's  aware  of  user  identities, 
enabling  it  to  track  them  on  the  go.  The  Mobility  System  Software 
keeps  the  Mobility  Exchanges  and  Mobility  Points  informed 
about  user  data  paths,  ACLs  and  services,  which  makes  possible 
seamless  integration  and  secure  mobility. 


Sharing  an  integrated  control  and  data  plane,  the  Mobility 
Exchanges  and  Mobility  Points  are  built  to  scale  enterprise-wide. 
Since  Mobility  Points  are  mounted  in  unsecured  locations— like 
ceilings  and  walls— intelligence  is  concentrated  in  the  Mobility 
Exchanges,  which  are  situated  in  secure  wiring  closets.  In  fact,  the 
Mobility  Point  is  incapable  of  taking  any  action,  until  the  Mobility 
Exchange  tells  it  to. 

While  the  industry  debate  over  thin  vs.  fat  APs  rages  on,  the 
Trapeze  Mobility  Point  can  be  best  described  as  "fit."  It  is  a  secure 
radio  with  enough  processing  power  to  handle  tasks  that  should 
be  performed  near  end  users,  like  encrypting  messages  and 
collecting  RF  and  performance  statistics.  But  it  doesn't  have  a 
console  port,  a  command-line  interface  (CLI)  or  a  local  store  of 
user  names  and  passwords  or  other  confidential  information. 

Thus,  if  a  Mobility  Point  is  stolen  or  hacked,  it  presents  no  threat. 

What's  more,  if  the  radio  in  a  Mobility  Point  goes  bad,  a  new  one 
can  be  swapped  in  easily.  The  Mobility  Point  then  automatically 
downloads  its  configuration  from  the  Mobility  Exchange.  So-called 
fat  APs,  in  contrast,  retain  IP  addresses  and  client  authentication 
data,  which  make  them  inherent  security  risks.  If  they're  hacked, 
it  could  precipitate  a  crisis. 

Some  vendors  of  fat  APs  argue  these  devices  should 
run  Layer  3  protocols  like  Mobile  IP.  That  would  turn 
an  already  vulnerable  AP  into  an  unsecured  ceiling 
j&  router.  Equally  troubling,  as  soon  as  a  fat  AP  powers 
up,  both  authorized  and  unauthorized  user  devices  try 
to  associate  with  it  (known  as  the  "bug  light"  effect). 
Aw  Once  users  are  associated  with  a  fat  AP,  they're  stuck 
W  with  it— even  if  a  closer  AP  powers  up 

a  minute  later. 

Trapeze  Mobility  Points  support  multiple  types  of  authentication 
and  encryption,  including  dynamic  Wired  Equivalent  Privacy 
(WEP)  with  rotating  broadcast/multicast  keys,  Wi-Fi  Protected 
Access  (WPA),  Temporal  Key  Integrity  Protocol  (TKIP)  and 
Advanced  Encryption  Standard  (AES).  WPA  is  the  de  facto  standard 
for  802. IX  and  TKIP  until  802.1 1  i  encryption  is  finalized.  AES  is  a 
new  cryptography  algorithm  from  the  U.S.  government  that  will 
replace  the  Triple  Data  Encryption  Standard  (3DES). 

Mobility  Points  can  be  purchased  either  with  one  radio  that  is 
software-selectable  for  802.11a  or  802.11b  or  with  dual  radios 
that  support  both  802.11a  and  802.11b.  When  802.1 1  g  is  ratified, 
it  will  be  supported  as  well.  The  Mobility  Point  also  has  integrated 
dual-band  omni-directional  antennas  that  operate  at  2.4  GHz  and 
5  GHz.  Its  two  10/100  Mbps  PoE  ports  ensure  a  fully  redundant 
dual-homed  data  path  and  transparent  failover. 


THE  THREE  'Rs':  REDUNDANCY,  REDUNDANCY,  REDUNDANCY 

The  importance  of  fault  tolerance  in  a  WLAN  edge  device  can't  be 
overestimated.  A  20-port  Mobility  Exchange  can  easily  service  200 
users,  which  makes  redundancy  and  resiliency  even  more  critical 
than  they  are  for  wired  edge  devices.  Trapeze's  protection  mecha¬ 
nisms  include  redundant  load-sharing  power  supplies,  redundant 
load-sharing  gigabit  uplinks,  redundant  Mobility  Point  connections 
for  dual-homing  to  PoE  ports,  and  redundancy  protocols  like 
Spanning  Tree,  Per  VLAN  Spanning  Tree  (PVST+)  and  even  Cisco's 
proprietary  port  fast. 

IT  managers  can  set  QoS  or  CoS  policies,  guaranteeing  specific 
performance  levels  for  different  groups  of  users.  Like  all  other 
policies,  QoS  profiles  follow  users  no  matter  where  they  roam. 
Similarly,  IT  administrators  can  deploy  delay-sensitive  apps  to  a 
WLAN  by  defining  ACLs  and  priority  queues.  RingMaster  also 
features  templates  that  help  set  roaming  and  QoS  policies, 
among  others. 


Taming  the  Wireless  Tigers 

Trapeze  Networks  delivers  an  integrated  Mobility  System  that 
meets  the  demands  of  today's  enterprise.  For  starters.  Trapeze's 
comprehensive  RingMaster  tool  suite  takes  the  pain  out  of 
planning,  deploying  and  managing  WLANs. 

Trapeze  also  tackles  and  solves  the  biggest  challenge  of  WLANs— 
secure  mobility.  With  its  innovative  Identity-Based  Networking, 
Trapeze  allows  users  to  roam  effortlessly  while  guaranteeing  that 
permissions  and  attributes  travel  with  them,  whether  they're 
working  wired  or  wireless.  What's  more,  Identity-Based 
Networking  detects  rogue  implementations  and  unauthorized 
users,  further  reducing  the  risks  associated  with  WLANs. 

Finally,  by  taking  a  revolutionary  approach  to  a  revolutionary 
technology,  Trapeze  erases  the  distinctions  between  wired  and 
wireless  networks.  The  Trapeze  Mobility  System  integrates  seam¬ 
lessly  with  the  existing  network  infrastructure,  without  forcing  IT 
managers  to  waste  weeks  installing  new  client  software  or 
adding  network  protocols.  For  the  first  time,  IT  managers  can 
build  one  network  that  serves  all  users  equally  well.  Trapeze 
is  wireless  done  right. 


How  an  enterprise  WLAN  handles  the  IEEE  802. IX  authentication 
process  is  very  important.  If  all  authentication  activities— such  as 
managing  encryption  keys— take  place  at  a  central  authentication 
server,  that  server  can  quickly  become  a  bottleneck.  IT  would 
then  be  forced  to  deploy  and  manage  multiple  authentication 
servers.  Trapeze's  Mobility  Exchange  offloads  the  AAA  server  by 
handling  EAP  processing,  session  consolidation,  encryption,  key 
management  and,  certificate  and  key  generation  locally. 


Register  today  to  get  your  FREE  copy 
of  the  Trapeze  WLAN  Book  at 
www.trapezenetworks.com/tutorial 
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The  wireless  LAN  Mobility  System™  from  Trapeze  Networks™. 
You  free  them.  We  free  you. 


THE  QUESTION  IS: 

How  do  you  keep  their  freedom 
from  becoming  your  burden? 

mm  °  1 


Register  now  for  your  free 
wireless  LAN  book. 

www.trapezenetworks.com/tutorial 


With  our  revolutionary  enterprise  solution,  you  don't  create  an  entirely  new  network, 
you  simply — and  we  mean  simply — integrate  wireless  with  your  existing  wired  network. 
It  all  comes  together  in  one  systemwide  platform.  So  now,  air  can  be  managed  just  like 
copper  or  fiber  media. 

Only  Trapeze  takes  the  hassle  out  of  cutting  the  wires.  Systemwide  planning  and 
management  before  and  after  deployment  is  completely  automated.  And  we  don't  just 
secure  wireless.  Trapeze  actually  improves  security  across  the  entire  enterprise — from 
wired  to  wireless. 

Trapeze  Networks.  It's  the  easiest  way  to  set  them — and  yourself — free. 


1-877-FLY-TRPZ 
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Shameless  Plug  Department: We  have 
discussed  spam  many  times  and  our 
alter  ego  has  banged  on  about  it  in 
Backspin  to  the  point  where  our  esteemed 
editor  has  threatened  physical  violence  if 
another  spam  column  is  presented.  If  you 
are  fighting  spam  you  might  be  interested 
in  the  free  seminar,  “Blocking  Spam:  Stop 
Unwanted  Content  Enterprisewide,”  that  1 
am  presenting  with  Network  World  (for 
more  on  the  event  go  to  www.nwfusion. 
com,  DocFinder:  5641). 

We  continue  our  registry  exploration. 
Reader  Greg  Martin  wrote  “Regedt32  is 
needed  to  modify  security  Regedit  cannot 
do  so.”  Quite  true,  under  Windows  NT  and 
2000  there  are  two  versions  of  the  registry 
editor:  regedt32.exe  and  regedit.exe  (under 
Windows  98  and  ME  there  is  only 
regedit.exe  to  entertain  you). 

There  are  a  few  differences  between  the 
two  utilities:  regedt32.exe  has  a  security 
menu  to  examine  and  edit  permissions  of 
subtrees,  keys  and  subkeys;  each  hive  is  dis¬ 
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played  in  its  own  dedicated  window;  you 
can  set  an  option  to  work  in  read-only 
mode;  you  can  edit  values  longer  than  256 
characters  as  well  as  edit  REG_MULT1_SZ 
entry  values;  and  you  can  load  multiple 
registry  files  at  the  same  time. 

On  the  other  hand,  regedit.exe  has  a  bet¬ 
ter  search  facility;  all  the  keys  are  visible  in 
one  window  (like  Explorer),  subkeys  can 
be  bookmarked,  it  opens  the  last  subtree 
edited,  the  registry  can  be  exported  to  a 
text  file,  and  you  can  import  a  .REG  file 
from  the  command  line. 

Under  Windows  XP  you  can  launch 
regedt32.exe  or  regedit.exe  —  either  way, 
you  get  the  same  program,  which  com¬ 
bines  some  of  the  features  of  both  editors 
and  leaves  out  others.  For  example,  there  is 
no  multiwindow  display  but  you  can  edit 
permissions. 

Reader  Mark  Mills  recommends  Aelita’s 
ER  Disk, which  he  describes  as  a“great  tool 
for  backing  up  all  the  PC’s  registries  on  a 
network,  creating  ERD  CD-ROMs,  or  re¬ 
motely  fixing  a  user’s  registry  without  his 
intervention.”  (For  details  go  to  DocFinder: 
5634.)  Not  content  with  one  recommenda¬ 
tion,  Mills  also  suggests, “For  those  who  just 
like  to  back  up  their  registries  in  one  or  two 
clicks,  or  defrag  [their]  registry  try  Erunt  — 
yes  it  is  freeware!  [DocFinder:  5635] .” 

Erunt  is  definitely  cool, and  the  program’s 


author,  Lars  Hederer,  makes  an  interesting 
observation:  “The  Export  registry  function 
in  Regedit  is  useless  to  make  a  complete 
backup  of  the  registry  Neither  does  it 
export  the  whole  registry  (for  example,  no 
information  from  the  Security  hive  is 
saved),  nor  can  the  exported  file  be  used 
later  to  replace  the  current  registry  with  the 
old  one.  Instead,  if  you  reimport  the  file.it  is 
merged  with  the  current  registry  leaving 
you  with  an  absolute  mess  of  old  and  new 
registry  keys.” 

The  registry  defrag  that  Mills  mentioned  is 
done  by  a  freeware  program  included  with 
Erunt  called  Ntregopt,  which  works  under 
Win  NT/2000/XPHe  suggests  using  Ntregopt 
regularly  especially  after  installing  or  unin¬ 
stalling  a  program. 

Hederer  says  Ntregopt  works  by  “recreat¬ 
ing  each  registry  hive  ‘from  scratch,’  thus 
removing  any  slack  space  that  may  be  left 
from  previously  modified  or  deleted  keys,” 
but  it  “does  not  change  the  contents  of  the 
registry  in  any  way  nor  does  it  defrag  the 
registry  files  ‘on-disk’  (as  the  PageDefrag 
program  from  Syslnternals  does). The  opti¬ 
mization  done  by  Ntrgopt  is  simply  com¬ 
pacting  the  registry  hives  to  the  minimum 
size  possible.” 

This  leads  us  to  PageDefrag.  Written  by 
Mark  Russinovich  for  Win  NT  4.0,2000  and 
XP  PageDefrag  (DocFinder:  5636),  another 


freeware  utility,  can  defragment  files  that 
are  open  for  exclusive  access  by  the  oper¬ 
ating  system.This  includes  paging  files  and 
Registry  hives. 

Russinovich  says  “Paging  and  Registry'  file 
fragmentation  can  be  one  of  the  leading 
causes  of  performance  degradation  relat¬ 
ed  to  file  fragmentation  in  a  system,”  and 
never  was  a  truer  word  spoken.  Or  written. 

You  need  to  explore  Russinovich’s  site, 
Syslnternals  (DocFinder:  5637)  —  he  and 
his  partner,  Bryce  Cogswell,  offer  scores  of 
freeware  utilities  that  are  priceless  for  diag¬ 
nosing  and  exploring  the  gory  details  of  all 
versions  of  Windows. 

You  might  want  to  check  out  another  of 
Syslnternals  tool  called  Regmon  (Doc¬ 
Finder:  5638).  Regmon  runs  on  Win  95,98, 
Me,  NT,  2000,  XP  and  .Net  Server,  and  is 
designed  to  monitor  and  display  all  Reg¬ 
istry  activity  in  real  time. You  can  filter  and 
search  for  keys  and  data  so  you  can  ana¬ 
lyze  how  Windows  and  applications  use 
the  registry  You  will  be  surprised  at  how 
busy  the  registry  is. 

If  you  want  to  learn  something  obscure 
and  potentially  useful  about  the  registry 
check  out  Syslnternals  story  on  hidden  reg¬ 
istry  keys  (DocFinder:  5639). 

Expose  your  keys  at  gearhead@gibbs. 
com. 
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Two  Palms  now,  with  one  on  the  way 


Palm  last  week  announced  the  new 
consumer-focused  Palm  Zire  71 
handheld  that 
comes  with  an  MP3 
player,  video  player 
and  embedded  digi¬ 
tal  camera;  and  the 
Tungsten  C,  a  “profes¬ 
sional”  version  that 
finally  includes  em¬ 
bedded  802.11b  wire¬ 
less  LAN  connectivity 
The  Zire  71  is  available 
for  $300;  the  Tungsten  C 
will  begin  shipping  next 
month  for  about  $500. 

We  were  lucky  enough 
to  receive  the  Zire  71,  and 
have  been  playing  around 
with  it  for  a  few  weeks.  We 
also  received  a  Tungsten  W, 
the  Palm  device  that  in¬ 
cludes  a  cell  phone  with 
wireless  WAN  connectivity 
via  General  Packet  Radio 
Service  (GPRS)  (over  the 


AT&T  Wireless  network). 

The  Zire  71  runs  on  the  new  Palm 
OS  5  operating  system,  and  features 
16  bytes  of  memory  a  144-MHz  ARM- 
based  processor  and  a  320-by-320- 
pixel  color  screen.  The  coolest  fea¬ 
ture  is  the  embedded  camera.To  take 
a  photo,  a  user  slides  out  the  bottom 
of  the  Zire  to  reveal  the  shutter  but¬ 
ton  (the  lens  is  on  the  back).  The  Zire’s 
screen  then  acts  like  a  viewfinder.  When 
the  user  presses  the  shutter  button, 
the  PDA  makes  a 
“shutter  click”  sound 
to  indicate  the 
photo  was  taken. 
This  sound  can  be 
turned  off  if  a 

The  Palm  Zire  71 
slides  to  reveal 
an  embedded 
digital 
camera. 


user  wants  to  go  into  “spy  mode.”  One  thing 
we  noticed  was  that  after  the  shutter 
sounded,  our  photo  subject  tended  to 
move,  which  caused  a  blurry  photo  (the 
image  itself  is  recorded  after  the  shutter 
sound,  for  some  reason).  Turning  off  the 
sound  might  give  you  better  photos. 

The  photos  are  taken  in  640-by-48Opixel 
VGA  resolution, and  lower  resolutions  (320 
by  240,  or  160  by  120)  are  also  available. 
These  resolutions  make  the  photos  good 
for  e-mailing  or  posting  on  Web  sites.  For 
larger  prints,  these  resolutions  might  be  too 
low.At  the  highest  resolutions, we  could  get 
almost  160  photos  stored  on  the  device  (A 
counter  tells  you  how  many  you  have  left). 
Photos  then  can  be  synchronized  back  to 
the  desktop  for  editing  and  e-mailing. 

Other  features  of  the  Zire  71  include  the 
RealOne  Player  for  digital  audio  files,  and 
the  Kimona  player  for  video  files.  Videos 
and  music  can  be  stored  only  on  the 
SecureDigital  expansion  card  —  they 
can’t  be  stored  on  the  PDA  itself.  We  were 
given  a  64M-byte  card  —  we’d  recom¬ 
mend  a  128M-byte  card  if  you  want  to 
store  lots  of  music,  videos  or  both.  The 
PDA  has  an  external  speaker,  or  you  can 
attach  headphones. 

The  Tungsten  W  is  a  converged  device 
(PDA  plus  phone),  with  a  little  bit  of 
BlackBerry  (e-mail  device  with  embedded 
keyboard)  thrown  in. The  Tungsten  W  fea¬ 
tures  16M  bytes  of  memory,  a  Dragonball 
VZ  processor  (33-MHz),  and  a  320-by-320 


color  display  To  use  the  phone,  a  user  con¬ 
nects  a  hands-free  headset  to  the  device, 
although  a  third-party  company  provides  a 
case  that  lets  a  user  hold  the  Tungsten  W  to 
his  ear  as  if  it  were  a  cell  phone. 

While  we  like  the  idea  of  the  Tungsten  W 
(WAN  connectivity,  a  phone  and  embed¬ 
ded  keyboard), we  think  the  network  con¬ 
nections  are  still  too  slow  —  Web  surfing 
is  a  lesson  in  patience  (GPRS  only  pro¬ 
vides  about  40K  to  60K  bytes  of  data 
throughput). 

Similarly,  the  embedded  keyboard  was 
nice  for  typing  long  notes  and  e-mails,  but 
the  feel  of  the  keyboard  was  not  as  nice 
as  a  BlackBerry  The  e-mail  connectivity 
out  of  the  box  is  for  point-of-presence  or 
Internet  Message  Access  Protocol  e-mail 
accounts,  not  for  corporate  e-mail  such  as 
Lotus  Notes  or  Microsoft  Exchange.To  get 
that  connection,  you’ll  need  to  look  at  a 
third-party  application  or  get  your  IT 
group  to  help  out. 

The  Tungsten  C  (which  we’ve  only  seen, 
and  haven’t  played  with  yet)  promises  a 
quick,  three-step  connection  process  to  a 
WLAN.  With  a  faster  wireless  link, you  final¬ 
ly  get  a  good  Web-surfing  experience  on  a 
PDA, something  that  has  been  missing  with 
previous  PDAs  we’ve  tried.  The  Tungsten  C 
also  provides  the  embedded  keypad, 
which  helps  with  longer  notes  and  e-mail. 

Shaw  can  be  reached  at  kshawQnww. 
com. 
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EDITORIAL 

John  Dix 

Using  your 
browser  for 
security 

How’s  this  for  a  nightmare  scenario:  The  CEO  or 
CFO  gets  his  hands  on  a  Web-based  network  vul¬ 
nerability  assessment  tool  he  can  use  from  the 
browser  on  his  desk  to  make  sure  you  have  everything 
properly  buckled  down. 

Philippe  Courtot,  chairman  and  CEO  of  Qualys,  trots  that 
out  as  a  scare  tactic,  essentially  saying  his  tool  is  so  easy  to 
use  that  you  better  install  it  to  find  the  weak  spots  before 
the  top  cheese  does. 

He’s  half  joking,  of  course,  but  with  new  data  security  reg¬ 
ulations  coming  online  and  increased  boardroom  pres¬ 
sure  for  security  compliance,  it’s  clear  that  companies  can 
no  longer  simply  rely  on  annual  security  checkups. 

Qualys,  founded  in  1999,  is  attacking  the  problem  with  a 
service  it  calls  On-Demand  Network  Security  The  basic 
idea,  Courtot  says,  is  to  assess  network  vulnerability  with¬ 
out  requiring  customers  to  install  and  learn  new  tools. 

The  company  has  65  network  scanners  in  the  U.S., 
Europe  and  Asia  that  it  uses  to  map  customer  networks 
from  the  outside,  looking  to  see  what  firewall  ports  are 
open,  or  servers  are  available,  etc.  Once  complete,  the  base¬ 
line  is  used  to  generate  reports  detailing  what  has  been 
added  or  changed. 

Then  the  company  scans  for  weak  spots,  looking  for  evi¬ 
dence  of  2,500  vulnerabilities  the  company  has  profiled  in 
a  database.  About  20  to  30  new  vulnerabilities  are  added 
each  week,  Courtot  says. 

When  problems  are  identified,  the  service  alerts  the  cus¬ 
tomer  and  outlines  the  potential  exposure.  For  remedia¬ 
tion,  Qualys  finds  or  develops  fixes,  subjects  both  to  an 
internal  QA  process  and  then  makes  them  available  for 
download. 

Customers  who  want  to  complement  the  outside  scan 
with  an  inside  view  receive  a  packaged  scanner  that, 
once  clamped  on  the  network,  is  authenticated  by 
Qualys  and  provides  a  pipeline  in. The  box  is  owned  and 
managed  by  Qualys,  but  all  information  gathered  by 
either  type  of  scan  is  kept  encrypted  and  is  visible  only 
to  the  customer. 

One  shortcoming  of  the  Qualys  approach  is  that  cus¬ 
tomers  can’t  scan  desktops  for  banned  programs, say 
FTPCourtot  says  he  might  add  that  capability  by  intro¬ 
ducing  client  code. 

On-Demand  costs  roughly  $50,000  per  year  for  customers 
with  a  Class  C  IP  license,  and  the  company  says  it  has 
1,000  subscribers,  including  the  Federal  Reserve  Bank. 

One  interesting  insight  is  that  Courtot  says  customers  are 
averaging  22  scans  per  year. That  says  something  about 
pent-up  fear  out  there. 

—  John  Dix 
Editor  In  Chief 
jdix@nww.com 
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opinions 


History  lesson 

Regarding  “Users  eye  Windows  mgmt.  plan"  (www. 
nwfusion.com,  DocFinder:  5624):  Does  anyone  have 
any  sense  of  history  these  days?  Unfortunately  I  lived 
through  the  promulgation  of  SNA  and  the  Open 
Systems  Interconnection  model  for  network  man¬ 
agement  —  which  I'm  sure  everyone  would  agree 
were  raging  successes. 

Now  Microsoft  is  going  to  cure  its  own  ills.  If 
Microsoft  built  an  operating  system  that  worked 
properly  perhaps  it  wouldn’t  need  so  much  man¬ 
agement.  I’ll  grant  that  hardware,  operating  systems 
and  networking  have  changed  greatly  over  the  past 
20  years.The  same  systems  management  problems 
persist,  regardless. 

Chuck  Waser 

Raleigh,  N.C. 


Numbers  game 

I  found  the  story  “What  users  want  from  SLM  soft¬ 
ware”  (DocFinder:  5625)  very  incisive,  but  I  have  an 
issue  with  the  market  size  figure  quoted  ($6.9  bil¬ 
lion).  This  looks  like  a  total  for  the  entire  network 
and  systems  management  space  rather  than  service- 
level  management,  which  is  known  to  be  generally 
in  the  $400  million  to  $600  million  range.  Under¬ 
standing  users’  needs  has  to  start  with  defining  and 
having  a  common  understanding  of  what  consti¬ 
tutes  service-level  management. 

Michael  Odusami 
London 

Risky  business 

The  story  “Early  Wi-Fi  gear  may  prove  risky  invest¬ 
ment”  (DocFinder:  5626)  is  right  on  the  money  My 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  Editor  In 
Chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Rlease  include  phone  number  and  address  for  aerification. 


company  implemented  the  Sierra  Wireless  card 
before  realizing  that  there  was  an  issue  connecting 
with  Citrix.  Sierra  then  informed  me  that  it  devel¬ 
oped  a  fix  but  that  Verizon  still  was  testing  it.  The 
Sierra  card  is  useless  to  my  company. 

David  Sirrine 
IS  coordinator 
The  Bouma  Corporation 
Grand  Rapids,  Mich. 


Lovin’  Linux 

As  someone  whose  organization  began  moving  to 
Linux  and  BSD  four  years  ago,  I  found  Mark  Gibbs’ 
Backspin  column  “Linux  loved,  but  Windows  wins” 
(DocFinder:  5627)  interesting. 

Linux  and  open  source  should  not  be  seen  as  an 
all-or-none  proposition. This  type  of  mindset  creates 
a  sense  of  despair. The  smart  approach  to  Linux  is  to 
take  small  steps.This  requires  serious  thought  about 
what  Linux  can  and  cannot  do  for  a  company 

It  is  no  secret  that  Microsoft  architectures  are  de¬ 
signed  to  lock  you  into  a  dependence  on  Microsoft 
technology.  If  a  company  feels  trapped  by  Microsoft, 
then  to  a  large  extent  it  should  blame  itself  for  letting 
itself  be  trapped. 

Perhaps  my  organization  is  lucky. We  lost  the  finan¬ 
cial  ability  to  keep  up  with  the  Microsoft  churn 
cycle.  We  had  to  move  to  something  else.  Did  it  take 
hard  work?  Sure.  Did  it  require  some  risk?  Absolutely 
Was  there  some  frustration  along  the  way?You  bet.  If 
we  could  do  it  again,  would  we?  In  a  second. 

The  trick  is  to  look  at  Linux  strategically  It  is  far  eas¬ 
ier  to  implement  Linux  in  the  server  farm  first  — 
fewer  systems  to  convert,  can  be  done  seamlessly 
has  direct  benefits  for  IT  and  users.  We  continue  to 
use  Windows  where  appropriate. 

Nate  Keegan 
Network  engineer 
City  of  Prescott 
Prescott,  Ariz. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  5623 
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USER  VIEW 

Chuck  Yoke 


One  of  the  main  tenets  of  Buddhism  is 
mindfulness  —  the  ability  to  be  totally 
aware  of  the  moment.  Adherents  of  all 
branches  of  Buddhism  meditate  daily  to  train 
their  minds  to  have  “clear  comprehension” 
and  see  things  objectively  and  impartially. 
After  20  years  of  involvement  in  IT,  I  can  safe¬ 
ly  say  that  mindfulness  has  not  been  an  inherent  trait  of  most  IT  orga¬ 
nizations.  Sadly  from  many  perspectives,  it  can  be  said  that  “mindless¬ 
ness”  has  been  a  better  description  of  IT. 

Many  costly  strategic  decisions  have  been  made  based  totally  on 
technology  prejudices,  zealous  preferences  or  knee-jerk  reactions, with¬ 
out  analyzing  the  true  business  impact.  Many  companies  have  wasted 
a  good  deal  of  time,  resources  and  money  on  IT  projects  based  solely 
on  technology  Data  warehouses  have  been  built  that  today  sit  idle  with 
data  that  hasn’t  been  updated  in  years.  Costly  ATM  campus  networks 
have  been  implemented,  only  to  be  ripped  out  before  they  are  fully 
depreciated  and  replaced  with  Gigabit  Ethernet.  Expensive  CRM  sys¬ 
tems  have  been  implemented  that  are  rarely  used  because  of  their 
complexity  and  high  support  costs. 

Unfortunately  we  haven’t  learned  from  these  mistakes.  Companies 
still  make  knee-jerk  IT  decisions  without  analyzing  the  overall  finances, 
risks  and  business  impact.  With  the  current  need  for  companies  to 
focus  on  ROI,  it  is  even  more  crucial  that  IT  decisions  be  made  objec¬ 
tively  and  impartially 


The  Zen  of  technology  acquisition 


An  example  is  VPNs.  VPNs  can  lower  network  costs  for  many  compa¬ 
nies,  but  they  are  not  a  panacea.  Being  Internet-based,  VPNs  cannot 
offer  the  same  availability  redundancy  and  quality  of  service  that  ded¬ 
icated  connections  provide.  So  while  VPNs  might  be  acceptable  for 
small  branch  offices,  they  probably  are  not  the  best  choice  for  situa¬ 
tions  requiring  mission-critical  connectivity  —  yet  companies  are  rush¬ 
ing  to  replace  their  dedicated  WAN  links  with  lower-cost  VPNs.  Instead 
of  being  mindful  of  the  business  impact  in  terms  of  extended  mean 
time  to  repair,  degradation  of  network  performance,  lower  user  pro¬ 
ductivity  and  potential  lost  revenue,  they  are  blinded  by  the  lower  cost 
and  make  a  knee-jerk  decision. 

Along  with  avoiding  knee-jerk  cost-cutting  decisions,  IT  personnel 
need  to  guard  against  making  zealous  technology-based  decisions.  It  is 
easy  to  be  blinded  by  a  technology’s  technical  elegance.  IT  depart¬ 
ments  need  to  be  impartial  in  their  analysis  to  understand  where  a 
technology  will  fit  and  where  it  will  not.  A  technology’s  only  value  is  in 
the  need  it  will  meet.  If  the  need  is  not  there,  the  technology  —  no  mat¬ 
ter  how  elegant  —  has  no  value. 

To  be  viewed  as  a  valued  business  partner,  IT  organizations  need  to 
make  decisions  objectively  and  impartially  be  mindful  of  all  risks  and 
business  impacts,  and  ensure  that  their  strategies  focus  on  business 
value.  Now  excuse  me  as  I  go  meditate. 


Many  costly 
strategic  deci¬ 
sions  have  been 
made  based 
totally  on  technol¬ 
ogy  prejudices, 
zealous  prefer¬ 
ences  or  knee- 
jerk  reactions. 


Yoke  is  a  business  solutions  engineer  for  a  corporate  network  in 
Denver.  He  can  be  reached  at  ckyoke@yahoo.com. 


CACHE  ADVANCE 

Linda  Musthaler 

Every  year,  Certification  Magazine  con¬ 
ducts  a  survey  to  determine  the  effect  of 
technical  certifications  on  an  IT  profes¬ 
sional’s  salary  and  career.  During  the  eco¬ 
nomic  boom,  certified  professionals  could 
boast  of  huge  salary  gains  that  were  higher 
than  their  noncertified  colleagues.  Salary  dis¬ 
parities  between  the  “haves”  and  “have  nots”  often  reached  20%  and 
more.  It  was  easy  to  say  then,  that  attaining  a  technical  certification  was 
worth  the  time,  cost  and  effort. 

But  what  about  today?  The  economy  has  soured,  IT  spending  has 
slowed  to  a  crawl,  and  many  IT  professionals  have  experienced  or  wit¬ 
nessed  massive  layoffs.Those  who  have  been  laid  off  are  having  trouble 
finding  jobs.  Is  there  still  any  value  in  getting  a  technical  certification? 

The  answer  is  a  resounding  yes,  according  to  the  nearly  10,000  peo¬ 
ple  who  responded  to  Certification ’s  2002  survey  Despite  the  gloomy 
economic  news  and  flat  IT  spending  throughout  2002,  certified  profes¬ 
sionals  still  had  good  things  to  say  about  the  value  of  being  certified. 
Nearly  80%  of  the  survey  respondents  plan  to  pursue  additional  certifi¬ 
cations  during  the  current  year. 

They  are  doing  so  primarily  for  job  security  These  people  —  your 
peers  —  believe  that  certification  plays  an  important  role  in  keeping 
their  jobs  in  these  uncertain  economic  times.  And  not  only  do  they  feel 
more  confident  about  maintaining  their  jobs,  they  also  feel  more  con¬ 
fident  about  performing  their  jobs.  Certifications  verify  your  skills  and 
knowledge  for  analyzing,  designing,  installing  and  supporting  complex 
computing  environments,  and  employers  take  notice. 

Some  employers  even  make  certification  training  a  formal  step  in 
their  workforce  development  programs.This  is  sound  reasoning  on  the 
employers  part;  the  Certification  survey  points  out  that  employees  feel 
that  technical  certification  improves  their  problem-solving  skills  and 
overall  job  productivity 

But  you  don’t  get  certified  just  to  be  more  productive.  You ’re  in  it  for 
the  money!  Well,  there’s  good  news  on  that  front  as  well. 

Even  though  the  tough  economy  has  slowed  the  pace  of  raises  and 
promotions,  holding  at  least  one  technical  certification  increases  your 


Certifications  are  worth  it 


prospects  of  a  better  raise  or  promotion.  Of  the  2002  survey  respon¬ 
dents^^  received  a  job  promotion  within  a  year  of  attaining  their  pri¬ 
mary  technical  certification.  I  interpret  this  as  a  sign  that  employers 
appreciate  the  increased  knowledge,  broader  range  of  skills,  and 
enhanced  confidence  and  productivity  that  accompany  the  attain¬ 
ment  of  a  certification. 

Even  if  you  don’t  see  a  promotion  after  getting  certified,  you  at  least 
can  anticipate  earning  more  money  Nearly  half  of  the  survey  respon¬ 
dents  reported  receiving  a  raise  within  a  year  of  attaining  the  certifica¬ 
tion.  You  might  say  that  those  raises  were  slated  to  occur  anyway,  even 
without  the  certification.  Not  so,  say  the  respondents.  Most  of  them 
believe  their  raises  were  mostly  attributable  to  their  certification. 

OK, so  promotions  and  more  money  are  good.  But  what  else  can  you 
expect  from  getting  certified? 

Well,  there’s  the  respect  of  your  colleagues,  customers  and  peers.  More 
than  half  of  the  survey  respondents  believe  they  get  more  on-the-job 
respect  because  of  their  technical  certifications. 

There’s  also  the  attention  from  your  key  computer  vendors,  particu¬ 
larly  if  they  are  the  ones  that  have  issued  the  certifications.  Cisco,  HR 
IBM,  Microsoft,  Novell  and  Oracle,  among  others,  issue  well-respected 
technical  certifications.  If  you  make  the  effort  to  complete  their  certifi¬ 
cation  programs,  they  treat  you  better  than  they  do  the  average  guy  off 
the  street.  The  special  treatment  usually  includes  access  to  pre¬ 
announcement  product  information  such  as  road  maps  and  strategies; 
offers  for  discounted  equipment,  training  and  services;  in-depth  techni¬ 
cal  information  and  tools  that  help  you  perform  your  job  better;  and 
access  to  priority  support.  It  all  adds  up  to  helping  you  be  a  better  tech¬ 
nical  professional. 

So  times  are  tough  and  training  money  is  scarce,  but  there’s  still  value 
in  attaining  technical  certification. Whether  you’re  getting  your  first  cer¬ 
tification  or  you’re  adding  on  to  an  already-impressive  resume,  certifi¬ 
cation  makes  you  more  attractive  as  an  employee.  It’s  a  classic  “win-win” 
situation  for  you  and  your  employer. 


So  times  are 
tough  and 
training  money 
is  scarce,  but 
there's  still  value 
in  attaining 
technical 
certification. 


Musthaler  is  vice  president  of  Currid  &  Company,  a  technology  assess¬ 
ment  firm  in  Houston.  She  can  be  reached  at  linda@currid.com. 
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NAS  Appliance 


Network-attached  storage  (NAS): 

Nearly  as  simple  (NAS)  as  it  looks. 


By  Deni  Connor 


NAS  TRENDS 


Panning  the  NAS  landscape: 
Senior  editor  Deni  Connor  supplies  a 
snapshot  of  how  the  NAS  device  market 
is  broken  down  and  measures  up. 

This  page 


REVIEWS 


Open  source  NAS  devices 
on  the  hot  seat:  Snap  Appliance  edges 
out  competing  products  from  FAI 
and  American  Megatrends  in  tests 
conducted  by  Miercom. 
Testing  Windows-powered  NAS  devices: 


Network  World  Global  Test  Alliance 
partner  Miercom  tested  products 
from  HP  and  Inline. 


Page  58 


NAS  device  Buyer's  Guide: 
Tap  into  detailed  information  on  34 
NAS  products  from  15  vendors. 

DocFinder:  5630 


You’re  running  out  of  space  on  your  servers.  Appeals  to  users  to 
free  up  disk  space  aren’t  working.  You  don’t  need  to  install  a 
storage-area  network  because  you’re  only  working  with  file- 
oriented,  not  block-level  transaction-based,  data.  A  single-pur¬ 
pose  network-attached  storage  appliance  is  the  answer.  NAS 
appliances  are  easy  to  install  because  they  attach  directly  to  the  network 
via  an  Ethernet  connection.  The  box  becomes  the  focal  point  for  file 
access,  with  users’  requests  for  files  bypassing  the  server,  improving  band¬ 
width  and  eliminating  bottlenecks.  Some  issues  to  look  for  when  buying 
NAS  appliances  are  scalability,  cost,  back-up  capability,  reliability  and  com¬ 
patibility  with  your  server  operating  system  (see  Buyer’s  Guide  chart  at 
www.nwfusion.com,  DocFinder:  5630). 


Analysts  divide  NAS  into  three  areas  based  on  scalabil¬ 
ity  and  cost:  entry-level,  with  up  to  300G  bytes  of  capa¬ 
city:  midrange,  from  300G  bytes  to  as  much  as  1.2  tera¬ 
bytes;  and  enterprise,  high-end,  which  exceeds  1.2  ter- 
abytes.The  entry-level  and  midrange  NAS  market  is  char¬ 
acterized  most  often  today  by  Windows-powered  NAS 
appliances  (see  review,  page  58)  —  file  servers  that  have 
a  version  of  Microsoft  Windows  embedded  as  their  oper¬ 
ating  system. The  advantages  of  Windows-powered  NAS 
appliances  are  that  they  fit  into  Windows-based  net¬ 
works  because  they  use  the  Windows  Management 
Interface  that  network  servers  do,  and  they  often  can  be 
managed  with  Active  Directory  tools. 

The  remainder  of  the  midrange  market  consists  of  NAS 
appliances  that  use  embedded  Linux,  FreeBSD  or  propri¬ 
etary  operating  systems  that  use  a  variety  of  file  access 
protocols  (see  review,  page  56). The  advantage  to  the 
user  is  that  these  NAS  appliances  can  use  the  protocols 
found  in  your  network. 

If,  for  example, your  network  primarily  consists  of 
Windows-based  servers, you’ll  want  to  choose  a  NAS 
appliance  that  supports  Common  Internet  File  System, 
a  Microsoft-devised  file  access  protocol.  If  you  have 
Unix,  NetWare  or  Macintosh  servers  in  your  network, 
you’ll  want  the  capability  to  use  Network  File  System, 
NetWare  Core  Protocol,  HTTP  FTP  or  AppleTalk  Filing 
Protocol. 


High-end  storage,  characterized  by  NAS  appliances  from 
Network  Appliance  and  EMC,  often  have  a  series  of  more 
robust  features  such  as  fault  tolerance;  snapshot  backup; 
replication  of  data  between  sites;  and  hot-swappable 
drives,  power  supplies  and  fans.  While  being  more  expen¬ 
sive  than  entry-level  and  midrange  arrays,  the  perfor¬ 
mance  of  high-end  storage  arrays  is  becoming  sufficient 
for  running  mission-critical  applications  such  as  data¬ 
bases  and  online  transaction  processing  applications. 

The  future  of  NAS  is  the  notion  of  managing  NAS  as  it 
proliferates  across  the  global  enterprise. 

“NAS  file  services  and  systems  are  hot  because  they 
address  an  isolated  silo  approach  that  can  be  consoli¬ 
dated,”  says  Jamie  Gruener,  a  senior  analyst  with  The  Yan¬ 
kee  Group.“The  challenge  is  how  fast  can  you  migrate 
and  move  files  from  one  place  to  another  and  how 
quickly  can  you  manage  multiple  NAS  appliances. You 
look  at  distributed  file  services  and  systems  to  do  that  " 

Established  companies  such  as  Veritas  Software  and 
start-ups  such  as  iSilon,Scaie8,Sistina  Software,  Spin¬ 
naker  Systems  and  Z-force  all  are  playing  in  this  new 
segment  of  the  NAS  market. The  software  or  hardware 
these  companies  make  camp  on  top  of  traditional  NAS 
and  let  a  number  of  geographically  separated  NAS  appli¬ 
ances  be  managed  and  accessed  as  a  single  device,  thus 
streamlining  operations  and  eliminating  the  latency 
problems  of  accessing  distributed  NAS. 
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Open  source  NAS  appliances 

Built  for  the  price-conscious,  these  NAS  appliances  lack  some  features,  particularly  in  management. 


By  Kenneth  Percy 
and  Randall 
Birdsall,  Network 
World  Test  Alliance 


pen  source  enthusiasts,  particularly  Linux  advocates,  make  much  of  the  inherent  systemic  and  cost 
efficiencies  of  Unix  operating  systems.To  ascertain  how  the  beauties  of  an  open  source  operating 
system  are  brought  to  bear  in  departmental  network-attached  storage  appliances,  we  invited  mak¬ 
ers  of  these  products  into  our  labs. 


Consistent  with  the  notion  that  you  get  what  you  pay  for, 
these  products  are  less  than  stellar  as  a  group,  particularly 
with  regard  to  management.  Also,  the  best  product  was 
also  far  and  away  the  most  expensive.  But  from  among 
the  three  vendors  that  submitted  their  products,  Snap 
Appliances  Snap  Server  14000  performed  well  enough 
across  our  criteria  to  win  the  Network  World  Blue  Ribbon 
Award.The  two  other  systems  tested  were  StorTrends  2104 
from  American  Megatrends  (AMI)  and  FIAs  POPnetserver 
4600.  We  evaluated  the  NAS  appliances  in  four  categories: 
ease  of  installation,  hardware  configuration/ 
features,  management  and  performance. 

■  Snap  Appliance 

You  can  argue  that  Snap’s  strong  showing  reflects  its 
considerable  experience  as  a  NAS  appliance  vendor.  But 
the  model  we  tested,  the  Linux-based  Snap  Server  14000, 
is  considerably  more  expensive  than  its  two  competi¬ 
tors.  A  standard  Snap  Server  14000,  with  1G  byte  of  RAM 
and  12  120G-byte  drives,  costs  $16, 000.  An  AMI 
StorTrends  2104  with  512M  bytes  of  RAM  and  no  drives 


is  priced  at  $2,300;  and  FIAs 
POPnetserver  4672  with  512M 
bytes  of  RAM  and  four  180G- 
byte  drives  is  priced  at  $3,500. 

Installation  was  easy  thanks 
to  an  effective  install  wizard. 

Snap’s  Quick  Install  guide  was 
the  best  we’ve  seen  —  this 
installation  wizard  was  the 
only  one  that  prompted  for  a 
change  of  the  default  pass¬ 
word.  Our  only  complaint  was 
the  need  for  frequent  reboots 
throughout  the  process. 

Redundancy  features 

abound,  including  RAID  5  with  hot  spare;  hot  swappable 
drives;  and  redundant  power,  fans,  and  Ethernet  interfaces 
with  load  balancing  capabilities.  It  also  offers  two  integrat¬ 
ed  software  features:  ETrust  Antivirus  software  from  Comp¬ 
uter  Associates,  and  its  own  Integrated  Backup  Express, 
software  that  lets  up  to  five  Snap  servers  back  up  to  a  sin- 


Net  Results 


2.0  RATING 

AMI  StorTrends  2104 
(Version  2.0) 

Company:  American  Megatrends 
Inc.,  (770)  246-8600,  www.ami.com 
Price:  $2,300  (one  processor,  512 
MB  RAM,  no  drives)  Pros:  Unique 
management  capabilities;  strong 
reporting.  Cons:  No  redundancies; 
weak  performance. 


3.0, 


I  RATING 

FIA  POPnetserver  4672 
(Version  2.0) 

Company:  FIA,  (949)  940-6500, 
www.fiainc.com  Price:  $3,500  (one 
processor,  512  MB  RAM,  4x180  GB 
drives)  Pros:  Extremely  easy  setup; 
High  DOS  resilience.  Cons:  Limited 
reporting,  statistics,  and  diagnos¬ 
tics;  no  console  access. 


3.7 


RATING 


Snap  Server  14000 
(Version  2.2) 

Company:  Snap  Appliance,  (408) 
879-7800,  www.snapappliance.com 
Price:  $16,000  (one  processor,  1GB 
RAM,  12x120  GB  drives)  Pros:  Best 
performer;  multiple  hardware 
redundancies.  Cons:  Expensive;  no 
real-time  statistics. 


CTO1M-M.1EBI storTrends2104 

POPnetserver 

4672 

Snap  Server  14000 

Management  30% 

2 

2 

3  111 

Performance  30% 

2 

3 

Configuration/Features  25% 

2 

3 

4 

Ease  of  installation  15% 

2 

5 

4 

TOTAL  SCORE 

2 

3 

3.7 

Ind'vUi’jai  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given  each  category  in  determining 
the  ton  re  ■  Scoring  Key:  5:  Exceptional  showing  in  this  category.  Defines  the  standard  of  excellence)  4:  Very  good  showing. 
Althon  here  may  be  room  for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  showing  in  this  category. 

Produc  .  neither  especially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked  some  features  or  lower  performance  than 
other  products  or  than  expected  1:  Consistently  subpar,  or  lacking  features  being  reviewed. 


Snap  Appliance's  Snap  Server  14000  earns 
top  grade  for  consistent  performance. 


gle  tape  device. When  testing  features,  however,  the  process 
of  administering  snapshots  was  unnecessarily  difficult,  and 
the  documentation  failed  to  address  our  questions. 

Snap  Server’s  management  application,  Administration 
Tool,  was  easy  to  use  but  had  some  shortcomings.  Logs 
give  you  a  lot  of  information,  but  they’re  difficult  to 
understand  and  cannot  be  exported  as  data  files.  Also, 
no  real-time  statistics  were  available  on  Administration 
Tool,  nor  did  it  offer  any  diagnostic  capability. 

These  last  two  complaints  can  be  addressed  by  access¬ 
ing  Snap  Server’s  command-line  console  via  a  Secure 
Shell-encrypted  connection. This  gives  considerably 
more  visibility  into  the  box,  including  a  large  number  of 
real-time  statistics.  It  also  is  the  only  means  of  accessing 
simple  IP  diagnostic  tools  such  as  ping  and  trace  route. 

The  strength  of  this  product  is  its  performance  (see  per¬ 
formance  chart,  page  58). With  a  maximum  throughput  of 
1.83M  byte/sec,  performance  in  the  file  server  client  emu¬ 
lation  testing  was  marginally  better  than  the  others.  During 
Web  server  emulation  testing,  however,  the  Snap  product 
distanced  itself  quite  a  bit,  posting  a  maximum  throughput 
of  just  less  than  21M  byte/sec.  However, Snap’s  resilience  to 
denial-of-service  (DoS)  attacks  was  unimpressive,  incurring 
a  17%  performance  hit  while  under  attack.  (See  online 
chart,  www.nwfusion.com,  DocFinder:  5646.) 

■  FIA 

Installing  FIAs  POPnetserver  4600  was  very  nearly  a  plug- 
and-play  exercise.  Just  a  few  clicks  through  FIAs  setup  wiz¬ 
ard,  and  you  have  instant  storage. 

But  there  are  a  couple  of  caveats  that  prospective  FIA 
buyers  should  beware  of.  Our  testers  complained  the  auto¬ 
mated  setup  process  bypassed  any  initial  user  setup,  and 
“Guest”  accounts  were  left  with  read  and  write  access  to 
the  default  directory  —  a  considerable  security  oversight. 

Secondly,  FIA  customers  who  lose  or  forget  the  admin¬ 
istrative  password  must  ship  their  POPnetserver  back  to 

See  Open  source  NAS,  page  58 


hp  tc2120 

•Tower  Model 

•Intel®  Celeron®  1.80  GHz  processor 
•128MB  PC2100  Registered  ECC  DDR  Memory, 
upgradeable  to  4GB 

•Integrated  Dual  Channel  Ultra  ATA-100  IDE  Adapter 
•40GB  Ultra-ATA  7200  rpm  Hard  Drive* 

•NC7760  Gigabit  Network  Controller  (embedded) 

®  1-Year  Limited  Warranty* 

$549 

Lease  for  under  $23  a  month  for  24  months  * 

hp  ProLiant  ML350  G3 

•Tower  Model 

•Intel®  Xeon™  processor  2.40  GHz 
•256MB  Total  PC2100  Registered  ECC  DDR 
SDRAM  Memory  (1  x  256) 

•Integrated  Dual  Wide  Ultra3  SCSI  Adapter 
•6  x  1 "  Hot  Pluggable  Hard  Drive  Bays 
•36.4GB  U320  Universal  Hard  Drive  (1") 

10,000  rpm* 

•NC7760  Gigabit  Network  Controller  (embedded) 
•ProLiant  Essentials  Foundation  Pack  (including 
SmartStart™  &  Insight  Manager™) 

•3-Year  Worldwide  Pre-Failure  Warranty  (processors, 
memory  &  hard  drives),  next-business-day  parts, 
labor  &  on-site  delivery* 

$1,938 

Lease  for  under  $81  a  month  for  24  months' 


$1,048 

Lease  for  under  $44  a  month  for  24  months’ 


HP  servers  are  as  reliable  as  they  are  affordable, 
so  it  costs  less  to  maximize  your  server's  uptime. 

In  fact,  our  Intel' processor-powered  HP  servers  are 
the  best-designed  servers  built  on  the  most  reliable 
platform  available.  They're  custom  configured  to  meet 
your  company's  nonstop  demands  and  they're 
easier  to  install  than  ever  before.  And  every  HP 
server  can  be  managed  today  as  easily  as  they  are 
adaptive  and  expandable  for  tomorrow.  Plus  they're 
all  backed  with  an  impressive  warranty  and  our 
experienced  service  and  support  team.  So  your 
business  heads  in  the  only  direction  it  should— up. 


$3,662 

Lease  for  under  $153  a  month  for  24  months' 


hp  ProLiant  ML310 

•Tower  Model 

•Intel®  Pentium®  4  processor  2.53  GHz  - 
(2.80  GHz  available) 

•256MB  Total  PC2100  Registered  ECC  DDR  SDRAM  Memory 
•Integrated  Dual  Channel  Ultra  ATA-100  IDE  Adapter  with 
Integrated  ATA  RAID  0,1,  &  1+0 
•40GB  ATA  7200  rpm  Drive  1"* 

•NC7760  Gigabit  Network  Controller  (embedded) 

•ProLiant  Essentials  Foundation  Pack 
(including  SmartStart™  &  Insight  Manager™) 

•  1  -Year  Worldwide  Pre-Failure  Warranty  (processors,  memory  & 
hard  drives),  next-business-day  parts,  labor  &  on-site  delivery* 


hp  ProLiant  DL380  G3 

•Rack  Model 

•Intel®  Xeon™  processor  2.40  GHz 
•512MB  Total  PC2100  Registered  ECC  DDR 
SDRAM  Memory  (2  x  256) 

•Integrated  Smart  Array  5i  Plus  Controller 
•Hot  Plug  Drive  Cage-Ultra3 
(5  x  1"  and  1  x  1.6") 

•36.4GB  U320  Universal  Hard  Drive  (1") 

1 0,000  rpm* 

•Two  NC7781  PCI-X  Gigabit  NICs  (embedded) 
PCI  10/100  WOL 

•Sliding  Rails  and  Cable  Management  Arm 
•ProLiant  Essentials  Foundation  Pack  (including 
SmartStart™  &  Insight  Manager™) 

•3-Year  Worldwide  Pre-Failure  Warranty 
(processors,  memory  &  hard  drives), 
next-business-day  parts,  labor  &  on-site  delivery* 


0%  FOR  24  MONTHS. 

For  a  limited  time,  get  0%  lease  rate  on  qualifying  purchases  made  before  April  30,2003.' 


Toll  Free  1-866-625-0785 
>  www.hp.com/go/magazine5 

Or  call  your  local  reseller. 
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Prices  shown  are  HP  direct  prices;  reseller  and  retailer  prices  may  vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  sales  taxes  or  shipping  to  recipient's  destination.  Photography  may  not  accurately  represent  exact  configurations  priced.  Offers  cannot  b«? 
combined  with  any  other  offer  or  discount  and  are  good  while  supplies  last.  Limited  order  quantities.  Promotions  void  where  prohibited  or  restricted  by  law.  HP  reserves  the  right  to  modify  or  withdraw  these  promotions  at  any  time.  *For  hard  drives,  GB=billion  bytes.  rCertain  warranty 
restrictions  and  exclusions  may  apply  For  complete  warranty  details,  call  1-800-345-1518  (U.S.).  implicit  lease  rate,  assuming  lessee  does  not  exercise  a  fair-market-value  purchase  option  at  the  end  of  the  lease  term  and  timely  returns  the  leased  equipment  to  Hewlett-Packard  Financ'a1 
Services  Company  (HPFSC)  at  the  end  of  the  lease  term  and  disregarding  any  charges  payable  by  lessee  other  than  rent  payments  (such  as  taxes,  fees  and  shipping  charges).  Offer  valid  through  4/30/03  on  all  lease  transactions  with  a  total  transaction  amount  between  $499  a."d 
$100,000  Lease  products  available  through  HPFSC  to  qualified  commercial  customers  in  the  U.S.  and  subject  to  credit  approval  and  execution  of  standard  HPFSC  documentation.  Other  restrictions  may  apply.  HPFSC  reserves  the  right  to  change  or  cancel  this  program  at  any  time  without 
notice  For  more  information,  call  1-888-277-5942,  Intel,  Intel  Inside,  the  Intel  Inside  Logo,  Xeon,  Pentium  and  Celeron  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2003  Hewlett-Packard  Development  Company,  L.P 
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continued  from  page  56 

the  dealer  for  installation,  and,  astonishingly, all  data  on 
the  server  will  be  lost. 

F1A  runs  its  NAS  product  on  FreeBSD. The  POPnetserver 
4600  supports  RAID  5  plus  hot  spare,  a  RAID  configura¬ 
tion  that  reserves  an  additional  hard  drive  to  swap  in 
immediately  when  a  drive  fails.  Other  redundancies 
include  hot-swappable  drives  and  load-sharing  Ethernet 
interface  cards.  However,  volumes  cannot  be  expanded 
on  FIAs  device  without  resetting  it. 

F1A  boxes  can  provide  full-featured  back-up  function¬ 
ality  but  at  a  price.  FIA  offers  POPbackup,  Data  Repli¬ 
cator,  Snapshot  Backup  and  Server-to-Server  Replicator 
as  optional,  extra-priced  software.  Our  testers  found  that 
each  of  these  products  worked  as  advertised  and  were 
easy  to  use.  Missing  from  FIAs  repertoire,  however,  is 
antivirus  software. 

Through  the  POPmanage  browser-based  application, 
management  of  the  POPnetserver  4600’s  is  fairly  straight¬ 
forward.  We  cited  the  logs  for  offering  a  lot  of  data  clearly 

The  holes  in  FIAs  overall  management  capabilities 
are  statistics  that  offer  only  a  handful  of  items  that  can 
be  monitored,  and  there  are  no  IP  troubleshooting  or 
diagnostic  capabilities.  Logs  can  be  exported,  there  are 
no  other  reports  to  be  had,  and  FIAs  is  the  only  device 
under  review  that  does  not  protect  its  management 
access  to  the  NAS  via  Secure  Sockets  Layer-encrypted 
communications.  Perhaps  most  egregiously,  FIA  has  no 
console  port  through  which  you  can  access  the  box 
when  all  else  fails. 

The  performance  of  the  FIA  NAS  appliance  also  was 
wanting,  registering  1.52M  byte/sec  maximum  through¬ 
put  in  the  file  server  scenario;  and  just  more  than  1 1M 
byte/sec  in  the  Web  client  emulation,  the  lowest  metrics 
of  all  systems  tested.  However,  FIA  scored  higher  in  per¬ 
formance  than  it  otherwise  would  as  the  result  of  its 
exceptional  resilience  to  DoS  attacks,  with  performance 
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degrading  only  4%  while  under  a  DoS  attack. 

■  American  Megatrends 

AMl’s  StorTrends  2104,  which  runs  on  Linux,  is  particu¬ 
larly  geared  toward  price-conscious  buyers.  While  AMI 
achieved  this  goal.it  did  so  at  the  expense  of  some 
important  attributes,  such  as  effective  management, 


redundancy  features  and  performance. 

Installing  the  StorTrends  2104  is  difficult.There’s  no 
installation  utility, and  the  Quick  Start  documentation  was 
not  particularly  useful. The  set-up  console  was  menu-dri¬ 
ven,  but  there  was  no  guidance  offered,  including  Help. To 
make  matters  more  difficult, some  software  bugs  impaired 
our  engineers’  ability  to  deploy  the  box  incident-free. 

The  configuration  of  the  1U  appliance  gives  buyers  some 
value  for  the  dollar.  Despite  its  low  price,  the  StorTrends 
2104  supports  the  most  powerful  processor  of  the  Unix 
systems  tested  (Pentium  4/2.4  GHz), and  the  most  system 
memory  (up  to  3G  bytes).  However,  it  is  missing  some 
important  redundancy  features, such  as  hot-swappable  dri¬ 
ves  and  redundant  Ethernet  interfaces.  While  it  likely  was 
done  to  keep  down  the  cost, storage  devices  as  a  rule 
should  give  a  little  more  consideration  to  disaster-proofing. 

StorTrends  2104  offers  a  single  power  supply,  a  single 
fan  and  no  network  connection  fail-over  functionality. 
Moreover,  there  is  no  redundant  or  hot-swappable  drive 
capability,  and  administrators  are  forced  to  reset  the  box 
after  expanding  a  volume  or  adding  a  disk  drive. 

AMI’s  browser-based  management  interface,  SRM 
Express  Management,  is  a  clean,  well-organized  applica¬ 
tion  that  promises  to  be  an  effective  tool.  But  like  many 
aspects  of  the  StorTrends  2104,  it’s  not  quite  there  yet.  SRM 
Express  includes  a  network  topology  map,  real-time  uti¬ 
lization  graphs  and  some  robust  reporting  functionality 

However,  there  were  two  serious  flaws.  AMI’s  logs  can¬ 
not  be  sorted  or  filtered,  and  they’re  difficult  to  under¬ 
stand.  Second,  AMI’s  Snapshot  implementation  doesn’t 
allow  automatic  scheduling.  Snapshot  software,  an 
important  value-add  for  NAS  products,  makes  instanta¬ 
neous,  point-in-time  copies  of  the  system’s  file  directory 
at  configured  intervals  that  can  be  used  to  retrieve  cor¬ 
rupted  or  wrongfully  deleted  files. 

Still  more  bad  news  concerning  AMI’s  showing  is  that 
it  does  not  support  antivirus  software,  nor  does  it  offer  or 
support  any  software  for  performing  full  backups  of  its 
drive  contents.  Finally,  AMl’s  performance  test  results  did 
little  to  distinguish  the  product. 

Percy  is  a  technology  analyst  and  Birdsall  is  a  senior  test 
engineer  for  Miercom,  a  network  consultancy  in  Princeton 
Junction ,  N.J.  They  can  be  reached  at  kpercy@miercom.com 
and  rbirdsall@miercom.com. 
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HP's  StorageWorks  takes  top  honors  for  performance. 


By  Kenneth  Percy  and 
Randall  Birdsall,  Network 
World  Test  Alliance 


icrosofts  release  of  its  Windows  2002  Server  Appliance  Kit  two  years  ago  let  tradi¬ 
tional  server  vendors  such  as  Dell,  HP  and  IBM  enter  the  network-attached  storage 
appliance  market,  which  had  been  dominated  by  Auspex,EMC  and  Network 
Appliance.  Today,  Windows-powered  NAS  devices  have  about  a  25%  share  of  this 
market,  according  to  1DC. 


We  invited  all  vendors  with  Windows  SAK-based  prod¬ 
ucts  to  participate  in  a  comparative  review  —  including 
Dell,  IBM  and  Iomega  —  only  HP  and  Inline  were  game 
to  play  Hie  Network  World  Blue  Ribbon  Award  goes  to 
HP's  Siorage Works  NAS  b2000  primarily  on  the  strength 
o!  its  performance.  Inline,  with  its  FileStorm  4550, sported 
some  innovative  features  but  came  up  short  when  other¬ 
wise  compared.  We  evaluated  the  appliances  in  four  cat¬ 
egories:  ease  of  installation  and  management,  hardware 
configuration,  features,  and  performance. 

■  Setup 

StorageWorks  NAS  b2000  uses  a  ProLiant  DL380  server 


platform,  which  builds  on  HP’s  experience  as  a  server 
manufacturer. Take,  for  example,  HP’s  RapidLaunch  util¬ 
ity.  It  provided  prompt-driven  installation  that  resulted  in 
quick  deployment  and  management  access  to  the  box. 

RapidLaunch  requires  no  Dynamic  Host  Configuration 
Protocol  server  access  to  set  up  the  NAS.  It  discovered 
all  network-attached  elements  and  assigned  an  appro¬ 
priate  IP  address  to  the  NAS.  Our  only  complaint  was 
that  the  default  administrative  username  and  password 
were  nowhere  to  be  found  on  “Quick  Start  Guide”  docu¬ 
mentation,  an  annoyance  that  HP  promised  to  fix  in  its 
next  release  note. 

Conversely,  installing  the  Inline  device  was  a  journey  of 


discovery. There  was  no  utility  offered  for  initial  installa¬ 
tion,  and  the  “Quick  Install  Guide”  was  insufficient  for  the 
task.  We  were  eventually  successful,  only  with  heavy  re¬ 
liance  on  the  main  user  manual. 

■  NAS-SAN  integration 

Two  configuration  characteristics  that  separated 
these  two  systems  both  favored  Inline.  An  Inline 
FileStorm  4550  can  contain  up  to  8G  bytes  of  system 
memory,  as  opposed  to  HP’s  6G  bytes.  Also,  Inline  sup¬ 
ports  up  to  a  maximum  of  four  processors,  while  HP 
supports  only  two. 

See  Windows-powered  NAS,  page  60 


Sony  StorStation™  family  of  network-attached 
storage  solutions  brings  backup  efficiency  and 
consolidation  to  organizations  of  any  size. 


Many  organizations  are  finding  that  tape  backup  systems 
installed  years  ago  can't  keep  up  with  the  new  business  require¬ 
ments  of  today.  The  problems  range  from  having  older  tape  for¬ 
mats  with  insufficient  capacity  to  dealing  with  collections  of 
individual  tape  drives  that  require  significant  IT  attention  to 
ensure  that  backups  run  on  schedule.  If  your  backup  tasks  are 
growing  out  of  control,  there's  a  good  chance  that  Sony's  family 
of  StorStation  networked  backup  solutions  can  bring  consolida¬ 
tion  and  efficiency  to  your  backup  processes. 

For  some  organizations,  increasing  backup  operational  effi¬ 
ciency  can  be  as  simple  as  upgrading  to  higher  capacity  tape 
drives,  such  as  Sony's  Advanced  Intelligent  Tape™  (AIT)  family 
of  reliable  data  protection  solutions.  For  others,  it  may  mean 
adding  automation,  such  as  tape  libraries  that  automatically 
manage  media  cassettes  and  back  up  on  a  scheduled  basis.  But 
for  more  and  more  organizations,  increased  efficiency  is  better 
achieved  by  adding  dedicated  network  storage  solutions  to  their 
networked  environment  in  order  to  consolidate  backup  tasks, 
ensure  greater  efficiency,  and  reduce  backup  management  and 
maintenance  requirements. 

Network-attached  storage  (NAS)  devices,  such  as  those  in  the 
Sony  StorStation  product  family,  enable  organizations  to 
increase  efficiency  by  consolidating  multiple  backup  devices  or 
disk  storage  devices  onto  existing  Ethernet  networks.  NAS 
devices  act  as  centralized  backup  coordinators  that  can  be  con¬ 
figured  in  a  number  of  ways  to  suit  many  business  requirements. 
In  the  simplest  configuration,  a  NAS  server  provides  shared  files 
or  shared  network  storage  for  multiple  servers.  With  the  proper 
integrated  software,  NAS  file  servers  can  act  as  networked 
caching  devices,  providing  speedy  access  to  frequently  used 
data.  And  for  organizations  with  a  range  of  network  backup  or 
archival  requirements,  a  NAS  backup  server  can  route  data  to  an 
attached  tape  library,  enabling  organizations  to  keep  up  with 
increasing  backup  demands  by  merely  adding  additional  or  high¬ 
er  capacity  tape  drives.  Combining  a  NAS  device  with  one  or 
more  tape  libraries  brings  increased  data  protection  and  offers  a 
cost-effective  solution  for  long-term  near-line  or  offline  storage. 

In  addition  to  increased  efficiency  and  consolidation,  automat¬ 
ed  networked  backup  solutions  can  ensure  backups  are  per¬ 
formed  on  schedule,  with  limited  or  no  human  intervention.  The 
combination  of  a  NAS  server  and  a  tape  library  is  a  particularly 
good  solution  for  scenarios  such  as: 

•  Centralized  backup  for  remote  locations  or  branch  offices 
that  lack  on-site  IT  support; 

•  Businesses  that  have  outgrown  their  existing  tape  capacities; 

•  Cost-effective  disaster  recovery  for  businesses  that  have 
many  store  locations,  such  as  retailers;  and 

•  Departments  with  multiple  servers  and  growing  data 
requirements. 

In  the  past,  it  has  been  cost-prohibitive  or  too  complex  for 
many  organizations  to  deploy  networked  devices  to  address 
such  scenarios,  but  Sony's  family  of  networked  backup  solutions 
changes  the  cost  equation.  Sony  offers  two  types  of  NAS  solu¬ 
tions:  Sony  StorStation™  Backup  Servers  and  Sony  Stor¬ 


Station™  NAS  File  Servers. 

Sony's  StorStation™  Backup  Servers  combine  Sony's  high-per¬ 
formance  Advanced  Intelligent  Tape  (AIT)  library  with  a  NAS  file 
server  and  a  leading  pre-integrated  backup  management  software 
solution.  The  "NAS  head"  provides  network  connectivity  and 
backup  management,  while  the  StorStation™  AIT  library  provides 
the  backup  capacity,  automation  and  media  handling.  For  environ¬ 
ments  with  growing  data  protection  and  archival  requirements 
across  multiple  application,  database  or  production  systems,  the 
StorStation™  Backup  Server  solution  provides  a  single  point  for 
backup  consolidation.  Moving  from  a  server-attached  backup 


the  headquarters  office  via  a  wide-area  network. 

Sony's  StorStation™  NAS  File  Servers  provide  a  low-cost  solu¬ 
tion  for  data  storage  consolidation,  file  serving  and  file  sharing 
capabilities  for  small  and  midsize  businesses  and  enterprise 
departments.  Sony  StorStation™  NAS  servers  are  an  ideal  com¬ 
plement  to  Sony  AIT  tape  libraries.  For  organizations  with  a 
range  of  file  sharing  or  network  storage  requirements,  Sony  pro¬ 
vides  NAS  server  configurations  that  provide  330  GB  to  720  GB 
of  networked  storage. 

For  ease  of  use  and  flexible  access,  Sony  file  servers  feature 
browser-based  management  and  file  sharing  support  for 
Windows®,  Unix®,  Linux®,  Novell®  and  Macintosh®  operat¬ 
ing  systems.  Data  protection  is  achieved  by  RAID-5,  RAID-1  and 
RAID-0  options.  For  an  extra  level  of  data  protection  of  the  con¬ 
solidated  data,  Sony  AIT  libraries  can  be  combined  with  the 
StorStation  file  servers  via  a  SCSI  port.  Connectivity  into  indus¬ 
try-standard  networks  is  provided  by  Gigabit  Ethernet  or  dual 
10/100  Ethernet  ports. 


Consolidating  and  Simplifying  Backup 
and  Storage 


Media 


Backup  Consolidation 
Backup  appliance  sits 
on  the  network 


Challenges 

•  Drive  or  library  attached  directly  to  server 

•  Each  systems  backup  must  be  handled  separately 

•  As  the  number  of  systems  grows,  backup 
management  becomes  cumbersome  and  difficult 

strategy  to  a  networked  solution  brings  cost  and  efficiency  bene¬ 
fits  by  eliminating  the  duplicate  resources,  efforts  and  equipment 
required  to  back  up  individual  servers  separately.  As  the  number 
of  servers  or  the  amount  of  data  generated  grows,  the  cost-bene¬ 
fits  of  a  networked  backup  approach  increase. 

The  Sony  StorStation™  Backup  Server,  when  used  with  a  Sony 
tape  library,  is  ideal  not  only  for  consolidating  backups  on-site, 
but  also  as  a  component  of  an  overall  backup  strategy  for  com¬ 
panies  needing  to  back  up  or  archive  data  from  satellite  or 
branch  offices.  The  StorStation™  Backup  Server,  when  used 
with  a  Sony  tape  library,  delivers  the  capability  needed  to 
achieve  an  unattended  backup  of  several  days  or  even  several 
weeks,  depending  on  the  amount  of  data  to  be  protected.  In 
addition,  it  can  be  managed  remotely  simply  by  connecting  it  to 


Benefits: 

•  Automated  and  streamlined 
backup  management 

•  More  manageable  growth 
and  scalability 

•  Turnkey  solution  with 
pre-packaged  backup 
management  software 


Network  Storage  Consolidation  Benefits: 

•  File  sharing 

•  Storage  consolidation 

•  Centralized  management  and  growth 


Sony's  StorStation™  NAS  backup  servers  and  file  servers  inte¬ 
grate  the  best  of  high-end  enterprise  storage  functionality  into 
solutions  that  are  affordable,  easy  to  use  and  easy  to  manage. 
Whether  for  remote  office,  workgroup  or  data  center  deploy¬ 
ments,  all  StorStation™  NAS  devices  are  compact,  1U  high, 
rack-mountable  units  designed  to  fit  neatly  into  areas  where 
space  is  limited. 

If  your  business  is  struggling  to  manage  multiple  tape  drives 
spread  across  your  network,  or  if  you  need  to  consolidate  your 
data  and  make  it  easily  accessible  to  your  networked  clients,  the 
time  is  right  for  Sony's  Network  Solutions — the  smart  investment. 

©  2003  Sony  Electronics,  Inc.  All  rights  reserved  Sony,  Advanced  Intelligent 
Tape  and  StorStation  are  trademarks  of  Sony.  All  other  trademarks  are  properties 
of  their  respective  owners. 


Learn  More  About 


Download  the  free  white  paper,  “Networked  Bat 
The  Path  to  Greater  Efficiency  and  Consolidation; 
Visitwww.nwfusion.com/sony/NASNW  J 
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But  perhaps  the  most  important  difference  between 
the  two  products  lies  in  their  architectures.  HP’s  device 
is  an  off-the-shelf  ProLiant  DL380  server  running 
Windows  SAK.  It  is  a  self-contained  storage  unit  with 
SCSI  connectivity  for  expansion  cabinets  that  can 
accommodate  up  to  27  terabytes. 

The  FileStorm  4550,  however,  is  essentially  a  head-end 
device  with  no  internal  storage 
resources,  except  for  what  is  required 
for  storing  the  operating  system. The 
device  contains  the  intelligence  to 
provide  connectivity  and  file  services 
to  users,  but  storage  resources  are 
external  only. This  could  be  in  the 
form  of  a  SCSI-based  expansion  cabi¬ 
net  or  a  Fibre  Channel  storage-area 
network  (SAN). 

Serving  as  a  NAS  head  for  a  SAN, 
the  FileStorm  4550  can  present  the 
storage  resources  of  a  back-end  SAN 
as  if  they  were  local  on  the  NAS 
appliance.  As  tested,  the  Inline  sys¬ 
tem  is  a  two-chassis  solution.  Along  with  the  FileStorm 
4550  NAS  head,  storage  was  situated  on  an  Inline 
TruFibre  expansion  cabinet,  which  was  accessed  via  a 
Fibre  Channel  link. 

Another  hardware  aspect  of  the  Inline  box  is  the  oper¬ 
ating  system  on  the  FileStorm  4550  that  was  stored  on 
solid-state  disks  (SSD),  which  are  available  on  the  Inline 
product  as  an  optional  item.  With  SSDs,data  is  stored  on 
erasable  programmable  read-only  memory  rather  than 
on  conventional,  magnetic  disks.  With  no  moving  parts, 
SSDs  are  significantly  faster  than  conventional  disks,  but 
they’re  also  significantly  more  expensive. 

Even  without  SSDs,  an  Inline  4550  is  not  inexpensive. 
Configured  with  two  Xeon  processors,  4G  bytes  of  RAM, 
two  Fibre  Channel  host  bus  adapters,  and  no  internal 
drives,  it  costs  $28,200.  An  HP  Storage  Works  NAS  b2000 
with  one  processor,  1G  byte  of  RAM,  two,  36G-byte  drives 


for  internal  storage  use,  and  three  146G-byte  drives  for 
client  storage  use  is  priced  at  $8,000. 

Hardware  redundancy  is  solid  for  both  products  with 
both  featuring  hot-swappable  disks,  N+l  power  supplies, 
multiple  redundant  fans,  and  dual,  load-balancing 
Ethernet  network  interface  cards  (NIC).  HP  also  features 
hot  spare  memory  and  memory  mirroring.  Inline  adds 
cache  mirroring  on  redundant  disk  controllers. 

■  Features 

Inline  made  a  strong  showing  in  the  features  cate¬ 
gory.  TruMask  is  software  that  enables  logical  unit  num¬ 
bers  (LUN)  masking  on  an  Inline  storage  cabinet. 

LUNs  are  essentially  resource  target  addresses.  LUN 
masking  is  a  security  feature  that  makes  user-defined 


target  resources  invisible  to  specific  Fibre  Channel- 
connected  computers. 

TruMap  is  a  virtual-LAN-like  feature  that  maps  storage 
resources  to  specific  physical  ports.  Access  to  those  re¬ 
sources,  then,  would  be  available  only  to  requests  enter¬ 
ing  through  that  port. 

Finally, TruCache  lets  redundant  disk  controllers  mirror 
one  another,  providing  instantaneous  failover  in  the 
event  of  disk  controller  failure. 

HP’s  most  notable  software  feature  is  StorageWorks’ 
NAS  Data  Copy  software,  which  lets  data  be  replicated 
over  an  IP  network  to  a  redundant  StorageWorks  box. 
If  a  link  or  system  fails,  users  request  failover  to  the 
redundant  NAS,  and  fail  back  when  the  primary  is 
restored. 

HP’s  Integrated  Lights  Out  (ILO)  is  a  feature  of  the 
underlying  ProLiant  DL380  server  platform.  Embedding 


the  ILO  software  on  a  dedicated  processor,  complete 
with  its  own  Web  server,  allows  browser-based  terminal 
emulation  of  the  StorageWorks  console  in  the  event  of 
connectivity  loss  or  system  malfunction. 

■  Windows  management 

To  manage  a  Windows  SAK-based  NAS  is  to  manage 
a  Windows  2000  Server. There  are  server  management 
utilities  that  Windows  does  well,  such  as  Performance 
Monitor  and  Event  Viewer. The  problem  is  that  to 
access  these  handy  management  utilities  or  manage 
the  appliances  hardware, administrators  must  have 
physical  access  to  the  NAS  or  launch  a  Terminal 
Services  session  with  the  server.  Windows  SAK  plat¬ 
forms  prohibit  the  ability  to  develop  their  own  man¬ 
agement  applications  that  integrate  all 
NAS  management  functions  —  and  even 
multiple  NAS  devices  —  into  a  single 
interface. 

Browsering  into  both  products  gave  us 
the  same  interface.  But  HP’s  well-known 
server  utilities  made  managing  their  offer¬ 
ing  a  better  experience.  One  example  was 
called  Survey  Utility. This  provided  a 
lengthy,  well-organized  log  of  all  adminis¬ 
trative  changes  —  hardware  and  software 
—  performed  on  the  NAS. 

Also,  Windows  SAK-based  systems  leave 
the  onus  of  RAID  array  management  to  the 
vendors.  HP’s  Array  Configuration  Utility 
made  RAID-related  tasks  —  such  as  creating  and  defin¬ 
ing  an  array  or  adding  disks  —  a  simple  exercise.  By 
contrast,  Inline’s  MorStorView  was  not  intuitive  and 
required  much  getting  used  to. 

■  Performance 

Each  vendor  provided  a  product  populated  with  four 
internal  drives  and  as  much  memory  and  processing 
power  as  needed  for  optimal  performance.  HP  tested 
with  two  Intel  Xeon  2.8-GHz  processors  and  1G  byte  of 
RAM.  Inline  submitted  product  with  four  Intel  Xeon  MP 
2.0-GHz  processors  and  1G  byte  of  RAM. 

To  ensure  that  each  product’s  disk  subsystem  was 
stressed  equally,  our  test  engineers  baselined  each  prod¬ 
uct’s  I/O  cache  capacity  and  then  adjusted  the  traffic 
loads  to  send  30%  more  load  than  the  system’s  cache 
could  handle  (see  How  we  did  it,  www.nwfusion.com, 
DocFinder:  5632). 

HP’s  StorageWorks  outperformed  the  Inline  FileStorm 
product  in  all  performance  categories,  registering  an 
average  of  7.67M  byte/sec  throughput  when  we  ran  our 
file  server  client  emulations  against  it  and  an  impressive 
average  of  76.38M  byte/sec  with  Web  server  requests. 
Inline  posted  6.26M  byte/sec  and  61.35M  byte/sec, 
respectively  (see  Performance  chart,  page  58). 

Additionally,  HP’s  resilience  to  off-the-shelf  denial-of- 
service  (DoS)  attacks  was  impressive. The  product 
proved  impervious  to  our  attacks  despite  multiple 
attempts.  Conversely,  Inline’s  performance  degraded 
by  26%  during  a  DoS  attack.  (See  online  chart,  Doc- 
Finder:  5646.) 

The  interfaces  attacked  in  HP  and  Inline’s  cases 
were  Alacritech  network  interface  cards,  but  this  has 
no  bearing  on  the  results  of  the  DoS  attacks,  accord¬ 
ing  to  Alacritech  engineers. The  reason  our  DoS 
attacks  affected  Inline  was  because  it  performed 
RAID  control  in  software,  while  HP’s  RAID  control  is 
hardware-based. 

HP  StorageWorks  NAS  b2000  and  Inline  FileStorm 
4550  approach  the  delivery  of  NAS  functionality  to 
enterprise  customers  differently.  Inline’s  less  conven¬ 
tional  approach,  however,  did  not  translate  into  perfor¬ 
mance  advantages  over  HP’s  plain  old  NAS  server. 

Percy  is  a  technology  analyst  and  Birdsall  is  a  senior  test 
engineer  for  Miercom,  a  network  consultancy  in  Princeton 
Junction ,  N.J.  They  can  be  reached  at  kpercy@miercom.com 
and  rbirdsall@miercom.com. 


Net  Results 


4.2  RATING 

Storage  Works  NAS  b2000  3.0 

Company:  HP,  (650)  857-1501  Price:  $8,000  (one 
processor,  1G  byte  RAM,  3x146G-byte  drives). 
Pros:  Best  performance;  excellent  utility 
applications.  Cons:  Weak  feature  support. 


1  RATING 

Inline  FileStorm  4550 1.3 


Company:  Inline,  (703)  421-8100,  www.inlinecorp.com  Price: 
$28,200  (two  processors,  4G  bytes  of  RAM,  no  drives).  Pros: 
Rich  features;  integrated  Fibre  Channel  support.  Cons: 
Software-based  RAID;  unintuitive  RAID  management. 


What's  the  score? 

Storage  Works  fS| 
NAS  b2000 

FileStorm  4550 

Performance  40% 

5 

4 

Ease  of  installation  and  management  25% 

4 

3 

Features  20% 

3 

5 

1 

Configuration  15% 

4 

4 

TOTAL  SCORE 

4.2 

3.95 

Individt  i'e^ory  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given  each  category  in  determining  the 
total  scoi .  y  scoring  Key:  5:  Exceptional  showing  in  this  category.  Defines  the  standard  of  excellence)  4:  Very  good  showing. 
Although  ::it  .  ,  be  room  for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  showing  in  this  category. 

Product  was  no  :  r  -specially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked  some  features  or  lower  performance  than 
other  produc’s  or  .an  expected  1:  Consistently  subpar,  or  lacking  features  being  reviewed. 


HP's  StorageWorks  NAS  b2000  scored  big  performance  numbers  in  our  tests. 
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Philips  Medical  Systems  ADAC 


“We  did  some  shopping,  checked  out  other 
solutions,  and  decided  on  Canon's 
Canobeam  DT-50.  The  feeling  around  here  is 
that  it  was  well  worth  the  money  we  spent." 

Eric  Caddenhead.  Director  of  Network 
Operations  for  Philips  Medical  Systems  - 
ADAC. 


ORBIS  International 
Humanitarian  Organization. 

"The  Canobeam  provides  us  wth  a  very 
effective  path  in  and  out  of  the  airplane. 
Since  it's  an  optical  beam,  it  requires  no 
frequency  allocation  and  can  be  set  up  very 
quickly”  (in  fixed  and  temporary  situations.) 

Ismael  Cordero ,  Manager  of  Biomedical 
Engineering  for  ORBIS. 


Visiting  Nurse  Association  Of 
Brooklyn. 

"Canobeam  proved  essential  to  ensuring 
that  our  expanded  computer  system  was 
up  to  the  task." 

Robert  Lanfranchi.  Director  of  Information 
Technology  Systems  for  l /NAB 


U.S.  Department  Of  Labor. 

“Choosing  the  Canobeam  DT-50  has  been 
instrumental  in  allowing  us  to  carry  out 
critical  public  services  at  top  speed...  it’s 
important  that  we  be  able  to  respond 
without  delays  in  the  network." 

Darryl  Aus.  Sr  Network  Engineer 
for  PWBA  Department  Of  Labor. 


DT-50 


Canon's  FSO  line  of  Canobeam 
products  has  emerged  as  the 
choice  for  more  and  more 
installations  and  a  wide  range 
of  applications.  From  providing 
communication  in  areas  where 
fiber  couldn't  be  laid;  to  meeting 
disaster  recovery  needs; 


to  allowing  private  organizations 
to  expand  services  and 
government  agencies  to  work 
faster,  Canobeam  has  met  the 
challenge  by  providing  fast  set¬ 
up,  no  FCC  licensing  or  channel 
allocation,  and  interference-free, 
confidential,  reliable  transmission. 
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Find  out  more  at  canobeam.com 

1-800-321-4388  (Canada:  905-795-2012) 
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Canon  is  a  registered  trademark  and  Canon  Know  How  is  a  trademark  of  Canor>lnc.  ©2003  Canon  USA,  Inc 


Auto  Tracking  Is  One  More  Reason 
Users  Select  Canobeam 


More  FSO  Users 


Connect  With  Us. 


cAnobeAm 


JO  I iOtOlt 


free -Space 'Optics 


■ 

V.ir,; 


1 000 10 


Canobeam  models  include: 

•  DT-55,  Gigabit  Ethernet,  1.25Gbps 

•  DT-50,  Versatile  Standard,  25-622Mbps 

•  DT-30,  Economical  Quality,  10-156Mbps 
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bluesocket 


Bluesocket,  Inc. 

Wireless  Gateway 
(781)  328-0888 
www.bluesocket.com 
Booth  #7045 

Bluesocket's  award-winning  family  of 
open  systems  enterprise  WLAN  Wireless 
Gateway  solutions  manage  and  secure 
wireless  local  area  networks,  giving  users 
of  laptops  and  PDAs  wireless  access  to 
high  data  density  corporate  networks 
and  the  Internet  while  moving  within  their 
campus  buildings,  corporate  premises, 
and  public  coverage  areas  with  Secure 
Mobility™. 


ADTRAN 

ADTRAN  Operating  System  (OS) 

(800)  9-ADTRAN 
www.adtran.com 
Booth  #6469 

The  new  ADTRAN  Operating  System 
(OS),  version  4.1,  offers  an  upgrade  to 
the  Standard  Features  Pack  and  includes 
standards-based  IPSec,  VPN,  DES,  3DES, 
AES  encryption,  MD5  and  SHA-1  for  user 
authentication  and  pre-shared  keys. 
ADTRAN,  Inc.  is  an  established  supplier 
of  advanced  transmission  products  for 
today's  expansive  telecommunications 
networks.  Widely  deployed  in  carrier, 
CLEC  and  enterprise  networks  worldwide, 
ADTRAN  products  support  all  major 
digital  technologies,  including  access 
routing,  fiber,  VPN, T3.T1,  El,  wirelessT3, 
T1,  El,  ATM,  Frame  Relay,  SHDSL,  SDSL, 
HDSL,  HDSL2,  ISDN  ,  and  DDS. 


AMJ  Technologies  Inc. 

TCAM  -  Complete  IP  Life-Cycle 
Management 

(800)  903-4AMJ  or  (800)  903-4265 

www.amjtcam.com 

Booth  #4435 

AMJ  Technologies  is  a  developer  of  com¬ 
plex  integrated  network  management 
solutions.  Networld+lnterop  2003  provides 
AMJ  the  opportunity  to  introduce  TCAM, 
their  comprehensive  IP  address  manage¬ 
ment  solution.  TCAM  delivers  an  unparal¬ 
leled  suite  of  tools  and  utilities  designed 
and  engineered  specific  to  Telecom 
and  large  enterprise.  Starting  at  the 
core  infrastructure,  TCAM  offers  an 
all-inclusive  solution  for  management 
of  the  many  critical  requirements  that 
encompass  complex  IP  address  environ¬ 
ments.  With  seamless  flow-through 
management  processes,  TCAM  focuses 
on  the  connection  between  infrastructure 
efficiencies  and  value  derived  from 
enhanced  business  processes. 


Canon  U.S.A.  Inc. 

Canobeam 
(201)  816-2900 
www.canobeam.com 
Booth  #4483 

Canon’s  Canobeam  series  of  FSO/Free 
Space  Optics  transceivers  are  in  use 
at  major  government  facilities,  schools, 
business,  statewide  courtrooms,  and 
more.  They  require  no  FCC  licensing; 
provide  secured  high-speed  data  links 
(10Mbps  to  Gigabit  Ethernet)  between 
buildings  as  far  as  1.25  miles  apart;  and 
feature  SNMP  management,  3R  signal 
reproduction,  and  a  reliable  auto-tracking 
system. 


Avocent  Corporation 

DSR800 

(256)  430-4000 

www.avocent.com 

Booth  #5739 

Avocent's  DSR800,  designed  for  local 
and  remote  server  access  and  control  in 
lower-density  applications  and  distributed 
locations,  is  a  cost  effective  8-port  KVM 
switching  system.  This  KVM  OVER  IP 
switch  allows  IT  administrators  to  easily 
troubleshoot,  or  even  reboot  a  server,  at 
the  rack,  from  the  NOC,  from  their  desk 
or  from  any  location  in  the  world,  using 
standard  TCP/IP  connections. 


ave  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 
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he  NetWorld+Interop 
2003  Interop  Net  Labs  — 
a  neutral  proving 
ground  for  vendors  to 
publicly  test  their  prod- 

ucts  in  accordance  with 

■ 

emerging  standards  — 
will  focus  on  three  areas  this  week  in 


Las  Vegas:  802,1  X-based  wireless  secu¬ 
rity;  iSCSI-based  storage  networks; 


and  advanced  internetworking  based  on 


Multi-protocol  Label  Switching. 


Weeks  ago  in  a  warehouse  halfway  between  San  Jose  and 
San  Francisco,  dozens  of  iLabs  volunteers  set  up  a  network 
and  conducted  rounds  of  interoperability  testing,  Then  the 
iLabs  team  packaged  up  the  network  and  shipped  it  to  Las 
Vegas,  where  show  attendees  can  get  hands-on  experience. 

As  media  sponsor  of  the  ILabs,  Network  World  had  exclu¬ 
sive  access  to  the  inner  workings  of  the  hot  stage  testing. 
We  sent  Network  World  Global  Test  Alliance  member  Joel 
Snyder  and  director  Christine  Burns  to  California  to  partic¬ 
ipate  in  the  testing  and  report  the  findings. 


Wireless  security  is  rising, 
but  it’s  not  fully  baked  yet 


802. IX  authentication  passes  most  iLabs  tests. 


BY  JOEL  SNYDER,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


BELMONT,  CALIF.  —  In  interoperability  testing 
that  NetWorld+Interop’s  iLabs  Wireless  Security 
team  conducted  earlier  this  month,  we  found 
that  products  supporting  802.  IX  —  the  pro¬ 
posed  standard  for  authentication  in  wireless 
networks  — -  worked  well  together  most  of  the 
time,  but  we  identified  some  problem  areas  that 
need  attention  from  standards  bodies  and  ven¬ 
dors  alike. 

The  iLabs  team  assembled  802. IX  supplicants 
(clients)  from  four  vendors  on  four  operating 
systems  (Windows  XP,  Windows  2000,  Mac  OS 
X  and  Windows  CE);  Remote  Authentication 
Dial-In  User  Service  (RADIUS)  authentication 
servers  from  seven  vendors  running  on 
Windows,  Linux  and  HP/UX:  and  19  different 
802. IX  wifeless  and  wired  devices  including 
access  points,  new  wireless  switches  and  tradi¬ 
tional  wired  Fast  Ethernet  switches. 


Across  the  board,  we  identified  hundreds  of 
test  cases  that  worked  flawlessly.  However,  test¬ 
ing  uncovered  instances  where  interoperability 
wasn't  so  smooth,  including  complications  with 
Protected  Extensible  Authentication  Protocol 
(PEAP)  and  Tunneled  Transport  Layer  Security 
(TTLS)  authentication  within  802. IX,  setting  of 
wired  equivalent  privacy  (WEP)  keys,  and  inter¬ 
pretations  of  the  standards. 

Vendors  achieved  excellent  Transport.  Layer  ,  Y  V  >;) 
Security  (TLS)  authentication  rates  in  our  lab  X  ,  <i 
setting,  with  only  a  few  test  cases  failing.  TL$y'  .  - 
and  lETF-sponsored  protocol,  is  the  simplest  X 
acceptable  authentication  method  for  wireless 
networks,  and  has  been  accepted  as  a  stan-  ' 
dard,  therefore  it  served 
basic  operation. 

But  in  the  real  world,  things  are  much  differ?., 
ent.  TLS  requires  that  each  end  user  havmCdV 
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•  |  Ikabs  team  shows  off  remote 
M  boot,  video-feed  capabilities. 

■  We  know  what  iSCSI  is  —  a  protocol  that  defines  how 
ivices  move  block-level  storage  data  over  IP  links. 

We  recognize  the  potential  benefit  —  an  opportunity  to 
extend  access  to  storage  over  existing  Ethernet  networks. 
.  We  know  it  has  big-time  backers  —  Adaptec, 
Alacritech,  Cisco.  Emulex,  HP,  IBM,  Intel,  Microsoft, 
Nishan  Systems  and  Network  Appliance,  to  name  some. 
But  what  can  iSCSI  do  for  you? 

How  about  letting  you  go  to  CompUSA,  buy  three 
USB  fjoppy  disk  drives,  hang  them  off  a  Linux  server 
and  configure  them  into  a  RAID  array  from  a  Windows 
2000  Server  over  a  wireless  network? 

Of  course,  no  one  would  build  a  RAID  array 
with  1.44M  byte  floppy  disks,  but  the  iLabs  team 
exercise  showed  that  many  things  are  possible 
with  iSCSI.  “.It  does  go  to  demonstrate  that 
iSCSI  gives  you  the  flexibility  to  build  any  real- 
life  storage  application  you  need  and  then  run  it 
over  IP,”  says  Allen  Gwinn,  iLabs  IP  Storage 
Initiative  team  lead  and  senior  director  of  tech¬ 
nology  at  the  Cox  School  of  Business  at 
Southern  Methodist  University  in  Dallas. 

The  iLabs  team  then  backed  up  a  local  disk 
drive  on  a  Win  2000  Server  equipped  with  an 
iSCSI-supported  Alacritech  network  interface 
card  to  another  drive  located  on  a  “just  a  bunch 
of  disks”  box  across  a  Gigabit  Ethernet  link.  No 
surprises  here.  It  works. 

Next,  the  team  tested  how  iSCSI  can  be  used  to 
remotely  boot  a  computer  without  any  hard  drive 
or  directly  attached  disks.  In  this  scenario,  a  Win 
2000  box  with  no  hard  drive  hit  a  Cisco  Catalyst  4000 
switch  and,  via  a  Dynamic  Host  Configuration  Protocol 
(DHCP)  server  software  attached  to  that  switch,  picked 
up  a  standard  IP  address.  Also  residing  on  the  DHCP 
server  is  Cisco's  iSCSI  Network  Boot  software  that 
points  the  Windows  machine  to  a  drive  hanging  off  an 
iSCSI  storage  target  on  the  network  to  remotely  boot  it. 
This  type  of  remote  booting  capability  has  been  available 
in  the  Fibre  Channel  realm  for  some  time. 

While  the  iLabs  team  only  demonstrated  that  this 
remote  boot  application  would  work  with  a  single  serv¬ 
er,  the  technology  could  be  used  to  let  a  large  number  of 
servers,  such  as  blade  servers  in  a  rack-mounted  chas¬ 
sis,  boot  up  from  a  single  storage  system. 

"Think  of  the  administrative  implications  of  that,”  says 
Mike  Frase,  an  iLabs  engineer  and  a  Cisco  technical 
support  engineer.  “Any  time  you  need  to  change  secur¬ 
ity  parameters  or  modify  applications,  you  just  make 
those  changes  once  and  they  get  populated  to  your 
remote  servers  when  they  boot  up." 

The  iLabs  storage  team  also  tested  how  iSCSI  can  help 
deliver  video  on  demand  across  IP  networks.  The  team 
stored  video  clips  on  an  IBM  Total  Storage  FAStT500 
Fibre  Channel  storage  device  attached  to  a  Cisco  MDS 
9216  multilayer  fabric  storage  switch  that  sports  Fibre 
Channel  and  iSCSI  interfaces.  On  the  other  side  of  the  IP 
cloud  sits  a  video  server  and  a  client  PC.  The  client 
machine  requests  a  video  feed  from  the  server,  which 
downloads  the  stored  clips  using  iSCSI  over  the  Gigabit 
Ethernet  network. 

*5;  On  that  same  test  bed,  the  team  demonstrated  how 
iSCSI  could  help  deliver  a  video  surveillance  application. 
A  digital  camera  feed  sent  images  through  the  IP  net¬ 
work  to  a  desktop  where  you  could  view  the  images  live 
f  .and  to  the  IBM  storage  device,  where  they  could  be  saved 
‘  .  tp  disk.The  surveillance  video  then  is  made  available  to  a 

second  PC  with  a  10-minute  delay.  By  saving  these 
:o  disk  and  then  using  iSCSI  to  deliver  them  back 
IP  network,  the  viewer  gets  easy,  precise  access 
without  weeding  through  piles  of  video  tapes. 
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tal  certificate,  and  that's  probably  not  a 
good  assumption  for  many  of  today’s  net¬ 
works.  Conventional  wisdom  for  wireless 
vendor  lies  in  the  belief  that  most  network 
managers  will  want  to  incorporate  802.  IX- 
based  security  measures  into  an  existing 
authentication  system,  such  as  username/ 
password  or  token-c  ard  schemes. 
Unfortunately,  that’s  not  easy  to  do  securely. 

PEAP  vs.  TTLS;  A  bad  competition 

Two  competing  proposals  that  help  to 
integrate  legacy  authentication  into  802.  IX 
are  TTLS,  proposed  by  Funk  and  Certicom; 
and  PEAP,  proposed  by  RSA  Security,  Cisco 

Chile  time  will 
iprove  interoper- 
pability,  having  the 
IIETF  decide  the  TTLS 
vs.  PEAP  disc  ussion 
[quickly  would  help 

even  more. 


and  Microsoft  (For  details  of  PEAP  and 
TTLS,  see  www.nwfusion.com,  DocFinders: 
5530  and  5531).  While  neither  proposal  has 
advanced  to  standards  status,  many  ven¬ 
dors  have  implemented  both. 

Finding  a  compatible  inner  authentication 
method,  such  as  MS-CHAP-V2  or  One  Time 
Password,  within  PEAP  and  TTLS  is  not 
easy.  Because  PEAP  doesn’t  allow  for  a  sim¬ 
ple  username/password  mechanism 
required  to  authenticate  against  an  existing 
user  database  with  encrypted  passwords, 
such  as  Unix  or  a  Lightweight  Directory 
Access  Protocol  directory,  vendors  have 
tried  to  shoehorn  this  into  PEAP  authentica¬ 
tion  methods.  The  results  are  predictable: 
Every  vendor  has  a  different  approach,  and 
that  translates  to  interoperability  failures. 

TTLS  has  the  opposite  problem:  There  are 
too  many  ways  to  do  the  same  thing.  So  if 
you  want  to  authenticate  against  a  Microsoft 
authentication  database  with  MS-CHAP-V2, 
there  are  two  ways  to  do  it  —  and  not  every 
vendor  allows  for  both  possibilities. 

Because  TTLS  and  PEAP  are  technically 
equivalent,  having  both  on  the  table  at  this 
stage  of  the  802. IX  implementation  is  a 
major  roadblock  to  interoperability.  During 
the  testing,  we  found  different  vendors  have 
implemented  different  drafts.  Even  Cisco 
and  Microsoft  —  the  two  vendors  driving 
PEAP,  have  chosen  an  incompatible  set  of 
inner  authentication  methods,  blocking  total 
interoperability.  Smaller  vendors,  such  as 
Meetinghouse  Data  Communications  and 
Interlink,  also  are  being  pushed  to  imple¬ 
ment  both  standards,  further  diluting  devel¬ 
opment  efforts  and  complicating  implemen¬ 


tation  and  interoperability.  While  time  will 
improve  interoperability,  having  the  IETF 
decide  the  TI  LS  vs.  PEAP  discussion  quick¬ 
ly  would  help  even  more. 

Users  who  want  to  use  simple  username/ 
password  have  another  option.  Dutch  net¬ 
work  security  firm  Alfa  &  Ariss  has  made 
available  a  freeware  TTLS  plug-in.  which 
adds  TTLS  with  Password  Authentication 
Protocol  (the  simple  username/password 
method)  support  to  Microsoft’s  built-in  Win 
2000  and  XP  802. IX  supplicant.  (For  a  down¬ 
load,  go  to  www.alfa-ariss.com )We  tested 
this  freeware  and  got  it  to  interoperate  with 
the  other  products  tested. 

If  you  want  to  use  TTI.S  or  PEAP  to 
authenticate  wireless  users,  hold  off  com¬ 
mitting  to  a  final  wireless  security  topology 
for  several  months  until  the  IETF  chooses  a 
final  direction. 

Setting  WEP  keys 

One  plus  for  802. IX  authentication  is  that 
wireless  access  points  maintain  a  fairly  neu¬ 
tral  position,  mostly  packing  and  unpacking 
EAP  (the  inner  protocol  being  carried  by 
802. IX)  packets  as  the  supplicant  talks  indi¬ 
rectly  to  a  RADIUS  server.  Inside  of  EAP  are 
the  actual  authentication  methods,  such  as 
TLS.  TTLS  and  PEAP.  However,  at  the  end  of 
the  process,  the  RADIUS  server  has  to  com¬ 
municate  with  the  access  point  to  give  it 
enough  information  to  set  the  WEP  keys. 
Without  this  final  step,  802. IX  authentica¬ 
tion  doesn’t  provide  an  encrypted  channel. 

Our  testing  discovered  a  number  of  cases 
Where  the  802. IX  authentication  succeeded, 
but  communications  between  the  RADIUS 
server,  the  access  point  and  the  supplicant 
fell  apart.  This  is  a  partic  ularly  difficult 
problem  to  debug,  not  only  because  it  has 
to  do  with  moving  encrypted  data  around, 
but  also  because  all  three  parties  have  the 
opportunity  to  make  errors. 

A  few  vendors  also  ran  into  problems  dur¬ 
ing  reauthentication  tests  called  for  by  the 
iLabs  test  plan,  because  these  went  beyond 
the  normal  cursory  checks  included  in  most 

See  iLabs,  page  66 

Renamed  MPLS 
team  looks  to 
services 


ILabs  has  a  deep-rooted  history  in 
testing  how  well  Multi-protocol 
Label  Switching  can  work  for  ser¬ 
vice  providers  and  their  corporate 
customers  (see  www.nwfusion.com, 
DocFinder:  5532).  After  several 
years  of  testing  basic  MPLS  support 
in  network  gear,  the  Advanced 
Internetworking  Initiative  iLabs 
team  is  looking  upward  at  the  tech¬ 
nologies  and  services  that  can  be 
delivered  across  MPLS-based  net¬ 
works.  The  team  is  targeting  how 
MPLS  can  carry  VPN  tunnels,  enable 
quality-of-service  technology,  and 
meet  the  demands  of  delivering  IPv6 
traffic. 
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CDW 

(800)  800-4GDW 
www.CDW.com 

CDW®  (Nasdaq:  CDWC),  a  FORTUNE® 
500  company,  is  a  leading  provider  of 
technology  products  and  solutions  for 
businesses,  government  agencies  and 
educational  institutions.  CDW  is  a 
leading  source  of  technology  products 
and  services  from  such  companies  as 
Cisco,  Computer  Associates,  Hewlett- 
Packard,  IBM,  Intel,  Microsoft, Toshiba 
and  many  more. 
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CyberGuard  Worldwide 
Global  Command  Center 
(954)  958-3900 
www.cyberguard.com/gcc 
Booth  #4767 

CyberGuard  is  the  hottest  ticket  at  N+l. 
Imagine  defining,  distributing  and  manag¬ 
ing  enterprise  security  policies  as  easily 
as  if  you  were  relaxing  in  your  favorite 
armchair  with  your  remote  control.  Visit 
booth  #4767  at  Networld+lnterop  and  see 
the  next  generation  central  management 
solution  from  CyberGuard.  Stay  for  a 
demo  and  you  could  win  a  PalmPilot®. 


Cyclades  Corporation 
AlterPath™  PM8 
(888)  CYCLADES 
www.cyclades.com 
Booth  #6327 

Cyclades,  a  data  center  fault  manage¬ 
ment  company,  enables  remote  manage¬ 
ment  of  servers,  network  equipment  and 
automation  devices.  Its  products  help 
data  center  managers  at  enterprise, 
telecommunication  and  Internet  compa¬ 
nies  to  maximize  network  and  server 
availability.  Cyclades  offers  scalable 
products  leveraging  Linux  technology  for 
flexibility,  ease  of  customization,  security 
and  innovation. 


ENTERASYS 

NETWORKS™ 

Enterasys  Networks 
Enterasys  Matrix  N-Series 
(978)  684-1000 
www.enterasys.com 
Booth  #6359 

Business-Driven  Networks ™  for 
Enterprise-Class  Customers.  With  a 
comprehensive  product  portfolio  — 
including  the  breakthrough  Matrix™ 
N-Series  multilayer  switch  platform  — 
Enterasys  Networks  provides  Business- 
Driven  Networks ™  to  the  world’s  most 
successful  enterprises.  Leveraging  the 
advanced  performance,  scalability  and 
manageability  found  in  innovations  like 
the  Matrix,  Enterasys  develops  integrat¬ 
ed  solutions  that  enhance  the  Security, 
Productivity  and  Agility  of  today's 
businesses. 
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F5  Networks 
(206)  272-5555 
www.f5.com 
Booth  #5469 

F5  Networks  is  the  industry  leader  in 
Application  Traffic  Management,  enabling 
enterprises  and  service  providers  to 
optimize  any  mission-critical  application 
or  Web  service  —  providing  secure  and 
predictable  delivery  of  application  traffic 
in  an  unpredictable  environment. 


FOUNDRY 

NETWORKS 

Foundry  Networks 
(408)  586-1700 
www.foundrynetworks.com 
Booth  #5749 

Foundry  is  a  leading  provider  of  high- 
performance  enterprise  and  service 
provider  switching,  routing  and  Web 
traffic  management  solutions,  including 
Layer  2/3  LAN  switches,  Layer  3 
Backbone  switches,  Layer  4-7  Web 
switches  and  Metro  routers.  Foundry 
is  one  of  the  leading  LAN  switching 
equipment  providers  for  the  enterprise 
and  service  provider  markets. 
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continued  from  page  64 

interoperability  tests.  As  with  IP  Security, 
reauthentication  is  a  problem  that's  hard 
to  test  for,  but  can  cause  major  user  dissat¬ 
isfaction  and  interoperability  failures 
down  the  road. 

Virtually  all  the  vendors  failed  one  test: 


setting  a  short,  40-bit  WEP  key.  While  most 
products  support  the  widely  accepted 
104-bit  WEP  keys,  802.  IX  compliance 
calls  for  40-bit  keys.  If  you  jumped  on  the 
wireless  bandwagon  early  and  bought 
cards  that  only  support  the  shorter  key 
length, you  might  want  to  consider 
replacing  any  40-bit-only  equipment  dur¬ 
ing  your  802. IX  rollouts. 


Is  it  standard  or  not? 

Because  802.1X,EARTTLS  and  PEAP 
are  relatively  young  standards  —  TTLS 
and  PEAP  are  still  drafts  —  there  is  not 
complete  agreement  on  how  to  interpret 
and  implement  them.  We  coached  a 
number  of  vendors  through  practices 
such  as  rekeying  sessions,  timing  of 
Dynamic  Host  Configuration  Protocol 


DO  YOUR 
NETWORK  & 
APPLICATIONS 
GET  ALONG? 

Imagine 

no  compatibility  issues, 
no  conflicts. 


Like  family,  IP-based  enterprise  networks  and  their 
applications  should  rely  on  each  other.  But  living 
under  the  same  roof  doesn't  guarantee  harmony. 
And  that  discord  comes  at  a  high  cost.  F5  products 
bring  everyone  into  perfect 
agreement  by  creating  a 
virtual  team  out  of  servers, 
applications,  WAN  links, 
data  centers,  security  devices  and  more  to  intelli¬ 
gently  deliver  information  over  any  IP  network. 

When  everyone  is  working  together,  you'll 
achieve  the  high  availability  performance  you 
need,  combined  with  an  efficient,  secure  network 
infrastructure  that  ensures  the  reliable  delivery  of 
Internet  traffic,  applications  or  Web  services — 
all  at  a  cost  you  can  afford. 

Imagine  harmony  that  produces  world-class 
performance.  To  learn  how,  download  our  free 
guide,  "Delivering  secure,  predictable  and  cost- 
effective  applications"  at  www.f5.com/atmnw. 

Or  call  800-916-7152. 
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requests,  virtual  LAN  (VLAN)  switching 
and  certificate  management. 

Although  these  implementation  choic¬ 
es,  such  as  how  to  select  a  VLAN  for  an 
802. IX  user,  wouldn’t  necessarily  cause 
failures,  they  could  mean  that  network 
managers  are  getting  something  different 
from  what  they  bargained  for,  at  least  until 
the  participating  vendors  begin  to  con¬ 
verge  on  one  approach  and  agree  form¬ 
ally  and  informally 

This  problem  wasn’t  specific  to  any  one 
kind  of  vendor. Some  of  the  newest  wire¬ 
less  switch  vendors  that  haven’t  even 
announced  products  had  standards  inter¬ 
pretation  issues.  However,  their  commit¬ 
ment  to  send  engineers  to  the  test  event 
paid  off.  Aruba  Networks  and  Trapeze 
Networks  were  able  to  quickly  update 
their  software  overnight  to  help  increase 
total  interoperability  with  other  vendors. 
The  biggest  players,  including  Microsoft, 
also  found  that  their  implementation  of 
the  standards  and  drafts  didn’t  match 
everyone  else’s. 

Most  vendors  told  us  that  they  will  follow 
two  paths:  whatever  the  standard  says,  or  if 
that’s  not  enough,  whatever  it  will  take  to 
interoperate  with  the  big  guys.  Because 
Microsoft  is  providing  an  802.  IX  client  in 
Win  2000  and  XR  most  consider  Microsoft’s 
PEAP  implementation  a  reference  they 
must  match. This  is  good  news  for  cus¬ 
tomers  who  are  counting  on  built-in  sup¬ 
port  in  Windows  and  want  to  use  the  PEAP 
path  for  authentication. 

Although  the  iLabs  testing  showed  that 
802.  IX  interoperability  isn’t  a  foregone 
conclusion,  the  number  of  vendors  and 
their  enthusiasm  towards  interoperability 
says  that  802.  IX  certainly  can  be  factored 
into  your  wireless  plans. 

Snyder  is  a  senior  partner  with  Opus  One, 
a  consulting  firm  in  Tucson,  Ariz.  He  can  be 
reached  at  joel.snyder<s>opusI  .com. 


Global  Test  Allia 


■  Snyder  is  a  member  of  the  Network 
World  Global  Test  Alliance,  a  cooperative  of 
the  premier  reviewers  in  the  network  in¬ 
dustry,  each  bringing  to  bear  years  of 
practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 
www.nwfusion.com/alliance. 


Other  members:  Mandy  Andress, 
ArcSec;  John  Bass,  Centennial  Networking 
Labs,  North  Carolina  State  University; 
Travis  Berkley,  University  of  Kansas:  Bob 
Currier,  Duke  University;  Jeffrey  Fritz. 
University  of  California,  San  Francisco; 
James  Gaskin,  Gaskin  Computing 
Services;  Greg  Goddard.  University  of 
Florida;  Thomas  Henderson.  ExtremeLabs: 
Miercom,  Network  consultancy  and  prod¬ 
uct  test  center;  David  Newman,  Network- 
Test;  Christine  Perey,  Perey  Research  & 
Consulting;  Barry  Nance,  independent  con¬ 
sultant.  Thomas  Powell.  PINT. 
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Global 
Technology 
Associates,  Inc. 

Global  Technology 
Associates,  Inc. 

(407)  380-0220 
www.gta.com 
Booth  #6977 

Global  Technology  Associates,  developer 
of  Internet  Firewalls  for  over  10  years, 
offers  a  full  range  of  firewalls  for  all  sizes 
of  networks  —  from  desktop  and  rack¬ 
mounted  appliances  to  flexible  software 
based  firewalls  —  all  powered  by  ICSA 
Labs  Firewall  4.0  Corporate  Certified 
GNAT  Box  System  Software  —  Simple, 
Powerful,  Affordable. 
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Internet  Security 
Systems,  Inc. 

Proventia™  A  Series 
(888)  901-7477 
www.iss.net 
Booth  #6897 

Built  on  the  world's  leading  security 
intelligence  and  technologies,  Internet 
Security  Systems'  Proventia™  A  Series 
dynamic  threat  protection  appliances 
reduce  costs  through  simplified  deploy¬ 
ment,  streamlined  management  and  max¬ 
imized  protection.  A  Series  appliances 
complement  all  other  ISS  network,  server 
and  desktop  protection  agents  and  can 
be  centrally  managed  with  one  security 
management  platform:  SiteProtector™. 
Ongoing  X-Press  Updates™  provide  the 
most  up-to-date  protection  against  known 
and  unknown  attacks. 


MAXRAD,  Inc. 

(800)  323-9122 
www.maxrad.com 
Booth  #6827 

Wireless  In-Building  Antennas.  MAXRAD’s 
Michelangelo™  line  of  in-building  anten¬ 
nas  is  designed  to  optimize  wireless 
coverage  for  specific  wireless  voice  and 
data  network  applications.  Our  catalog 
includes  over  30  different  models  that 
provide  shaped  coverage  for  cellular  and 
PCS  voice  networks,  wireless  LANs, 
wireless  Enterprise  networks,  Hotspots, 
as  well  as  asset  tracking  and  RF  ID 
applications.  We  utilize  aesthetically 
pleasing  industrial  designs  and  UL  listed 
materials  and  cable  that  comply  with  the 
strictest  building  code  specifications.  For 
further  information,  please  visit  our  web¬ 
site  at  www.maxrad.com.  Visit  us  at  N-H 
Booth  #6827. 


MARVELL® 

Marvell 
(408)  222-2500 
www.marvell.com 
Booth  #5443 

Marvell®  is  the  leading  global  semicon¬ 
ductor  provider  of  complete  broadband 
communications  solutions  for  the  data 
communications  and  storage  markets. 
The  Company’s  diverse  product  portfolio 
includes  switching,  transceiver,  communi¬ 
cations  controller,  wireless,  and  storage 
solutions  that  power  the  entire  communi¬ 
cations  infrastructure,  including 
enterprise,  metro,  home,  and  storage 
networking. 


Micromuse 

NETCOOL*  SOLUTIONS 

Micromuse 

Netcool®  Service  and  Business 

Assurance  Software 

(415)  538-9090 

www.micromuse.com 

Booth  #6285 

Micromuse  is  the  leading  provider  of  busi¬ 
ness  and  service  assurance  software. 

We  help  you  manage  —  in  realtime  - 
the  critical  business  applications  and 
services  that  drive  profits.  Netcool 
solutions  provide  accurate,  end-to-end 
visibility  all  the  way  from  business 
infrastructure  to  the  customer.  Rapidly 
deployable  and  easy  to  use,  the  Netcool 
suite  enables  organizations  to  streamline 
processes  and  preempt  problems  to 
improve  business  uptime. 
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nauticus 

Nauticus  Networks 

The  Nauticus  N2000  Series  of 

Intelligent  Data  Center  Switches 

(508)  270-0500 
www.nauticusnetworks.com 
Booth  #4136 

The  Nauticus  N2000  Series  of  Intelligent 
Data  Center  Switches  integrates  high 
performance  network  and  security 
application  services  such  as  attack 
protection,  denial  of  service  mitigation, 
and  advanced  URL  and  application  level 
filtering,  with  load  balancing,  layer  4-7 
application  switching,  and  SSL  accelera¬ 
tion.  The  result  is  drastically  simplified 
operations,  reduced  costs,  and  improved 
security,  performance,  and  availability. 
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NETWORK  HARDWARE  RESALE 

Network  Hardware  Resale 
(800)  451-3407 
www.networkhardware.com 
Booth  #6335 

Network  Hardware  Resale  buys  and 
sells  USED  CISCO,  Juniper  and  Extreme 
routers,  switches,  access  servers, 
interface  modules,  and  accessories. 
Network  Hardware  Resale  is  one  of  the 
world's  largest  suppliers  of  Used  Cisco. 
Companies  who  buy  through  Network 
Hardware  Resale  receive  50-90% 
discounts  off  list  for  fully  tested  and 
guaranteed  equipment. 
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Spectrum  Control,  Inc. 

AC  SMARTstart  Jr. 

(814)  474-2207 
www.specpower.com 
Booth  #6438 

At  Networld+lnterop  Spring  2003, 
Spectrum  Control  will  introduce  the 
improved  AC  SMARTstart  Jr.  from  its  line 
of  SMARTstart  and  SHARPstart  power 
distribution  units.  The  AC  SMARTstart  Jr. 
power  distribution  unit  (PDU)  for  remote 
and/or  local  power  management  now 
features  an  easy-to-use  on-board  web 
browser  that  facilitates  simple  outlet 
control  to  cycle  power  to  locked-up 
servers  and  other  networking  equipment. 
In  addition  to  the  new  on-board  web 
browser,  the  updated  SMARTstart  Jr. 
also  features  a  30-amp  total  capacity 
at  120  VAC  or  15-amp  total  capacity  at 
230  VAC  for  8  outlets.  This  configuration 
is  ideal  for  industrial  applications. 
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Trapeze  Networks 
(925)  474-2200 
www.trapezenetworks.com 
Booth  #5669 

The  Trapeze  Networks  wireless  LAN 
Mobility  System  delivers  the  power 
of  business  applications  to  the  mobile 
enterprise  workforce.  Our  systems 
enhance  productivity,  introduce  new 
efficiencies,  and  accelerate  business 
response  time.  We  enable  your  success 
by  delivering  secure  mobility  to  users, 
planning  and  deployment  tools  to  your 
IT  team,  and  seamless  integration  with 
existing  networks. 


NETWORK  HARMONi 

NETWORK  HARMONi  Inc. 

Operation  Center 

(858)  523-2400 
www.networkharmoni.com 
Booth  #4440 

Network  Harmoni  is  an  award  winning 
software  development  company  that 
provides  solutions  for  IT  Infrastructure 
management.  Their  products  include  the 
HARMONi  Suite,  a  collection  of  program¬ 
mable  SNMP  agents  and  Operation 
Center,  a  web-based  enterprise  manage¬ 
ment  framework  that  combines  fault  and 
performance  monitoring  with  intuitive 
root-cause  analysis  for  quicker  problem 
resolution. 
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WatchGuard  Firebox 
V200  firewall/VPN 


SOHO  vendor 
moves  into 
high-end  arena 


BY  DAVID  NEWMAN,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


atchGuard  Technologies,  a  leader  in  small  office/home  office  firewall/ 
VPN  appliances,  is  targeting  the  big  boys  with  a  high-end  device  aimed 
squarely  at  Ciscos  PIX  535  and  NetScreen  Technologies’  NetScreen-5200. 


On  the  plus  side,  the  $60,000  device  is  a  lot  less  expensive  than  competing  prod¬ 
ucts  from  Cisco,  NetScreen  or  Nokia,  and  its  management  graphical  user  interface 
will  be  familiar  to  users  of  other  WatchGuard  products. 

And  in  our  tests,  WatchGuard’s  V200  set  up  an  impressive  42,000  concurrent  IP 
Security  (IPSec)  tunnels, a  useful  capability  when  dealing  with  huge  numbers  of  dial¬ 
up  users  in  an  corporate  setting. 

But  on  the  minus  side,  the  latest  beta  unit  bore  out  the  adage  that  security  always 
comes  with  a  performance  cost.  Even  with  a  much-reduced  number  of  IPSec  tun¬ 
nels  in  place,  the  V200’s  latency  and  throughput  were  much  degraded  compared 
with  its  performance  when  configured  as  a  firewall. 

The  V200  offers  firewall, VPN  and  network  address  translation  via  two  Gigabit  Ether¬ 
net  interfaces.The  V200  also  offers  Border  Gateway  Protocol  routing  and  two  out-of- 
band  interfaces  for  high-availability  applications. 

We  assessed  the  V200  with  seven  different  performance  measurements  (see  how 
we  conducted  our  test  at  www.nwfusion.com,  DocFinder:  5628).  Besides  determin¬ 
ing  IPSec  tunnel  capacity,  we  also  measured  latency  and  throughput  with  IPSec  con¬ 
figured  and  with  two  and  1,000  firewall  rules  in  place. 

IPSec  tunnel  capacity 

We  established  42,000  tunnels  using  Spirent  Communications’  SmartBits 
analyzer  running  TeraVPN  test  software.  These  were  fully  formed  tunnels  that 
dial-up  users  would  build  when  connecting  through  a  V200.  Each  tunnel  con¬ 
sisted  of  an  Internet  Key  Exchange  (IKE)  session  and  pair  of  one-way  security 
associations. 

It’s  important  to  apply  this  three-element  definition  of  tunnels  —  one  IKE  session 
plus  two  one-way  security  associations  —  when  assessing  VPN  gear  for  dial-up  use.  A 
common  trick  in  VPN  specsmanship  is  to  set  up  impressively  large  numbers  of  secu¬ 
rity  associations  but  neglect  to  mention  that  all  security  associations  were  set  up  with 
one  IKE  session. 

The  issue  is  that  many  IPSec  devices  employ  high-speed  silicon  for  encryption  but 
not  for  key  exchange.  The  V200  has  eight  ASICs  for  acceleration  of  key  exchange, 
encryption  and  firewall  rule  processing. 

The  V200  offered  impressive  tunnel  capacity,  but  the  beta  version  shone  a  bit 
less  brightly  when  it  came  to  moving  packets  through  those  tunnels.  We  mea¬ 
sured  throughput  with  42,000  pairs  of  security  associations  between  a  pair  of 
V200  devices,  and  we  also  tried  a  few  test  runs  with  4,096  concurrent  tunnels, 
but  there  wasn’t  any  traffic  level  we  could  offer  where  packet  loss  was  zero. 

This  isn’t  to  say  that  the  V200s  can’t  forward  traffic  through  all  42,000  pairs  of 
security  associations.  In  some  cases  (such  as  with  1,440-byte  frames,  the  optimal 
length  for  IPSec  testing),  the  amount  of  packet  loss  was  trivial.  Nonetheless, 
the  Internet  Engineering  Task  Force  defines  throughput  as  the  highest  rate  with 
zero  loss. 

Our  workaround  for  the  latency  and  throughput  tests  was  to  scale  back  to  64 
pairs  of  security  associations  (all  done  with  one  IKE  session,  a  limitation  of  the 
back-to-back  device  configuration  we  used).  In  that  less-stressful  configuration, 
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WatchGuard  Firebox  V200 

Company:  WatchGuardTechnologies,  www. 
watchguard.com  Cost:  $60,000.  Pros:  New 
hardware  supports  very  large  numbers  of 
IPSec  tunnels;  no  performance  hit  for  large 
number  of  firewall  rules.  Cons:  Late  beta 
hardware  and  software  exhibited  elevated 
packet  loss  and  latency  with  IPSec  configured. 


WatchGuard  Firebox  V200  latency 

Average  latency  is  four  to  six  times  higher  when  the  V200  is  configured 
as  an  IPSec  gateway  than  when  it  serves  as  a  firewall.  There’s  not 
much  difference  between  average  latency  for  1,440-  and  1,518-byte 
frames,  even  though  the  latter  are  fragmented  and  reassembled. 

Latency  across  two  systems;  lower  numbers  are  better 
Average  latency  (microseconds) 
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WatchGuard  Firebox  V200  throughput 

Although  throughput  declines  sharply  when  the  V200  handles  short 
or  medium-length  frames,  the  results  are  identical  even  when  a  large 
number  of  firewall  rules  are  configured.  As  with  the  latency  tests, 
enabling  IPSec  on  the  V200  has  a  negative  impact  on  throughput. 

Throughput  across  two  systems;  higher  numbers  are  better 
Throughput  (percentage  of  theoretical  maximum  rate) 
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theV200  forwarded  traffic  without  loss. 

Dealing  with  delay 

We  measured  latency  and  throughput  in  three  configurations:  with  eight  pairs  of 
IPSec  security  associations  configured  between  V200s;  with  IPSec  disabled  and  two 
firewall  rules  in  place;  and  with  IPSec  disabled  and  1,000  firewall  rules  in  place. 

Latency  is  higher  with  IPSec  enabled  than  without  it  —  about  four  to  six  times 
higher  (see  Figure  1,  above).  The  most  pronounced  increase  was  for  1,518-bvte 
frames,  the  maximum  length  allowed  in  Ethernet.  We  observed  average  latency  of 
818  microsec  across  a  pair  of  V200s. 

Added  delay  for  maximum-length  frames  is  not  surprising,  considering  that 
IPSec’s  encapsulating  security  payload  method  fragments  and  then  reassembles 
these  frames.  Given  the  added  processing  involved,  an  extra  100  microsec  of 
latency  —  818  microsec  vs.  725  microsec  for  unfragmented  1,440-byte  frames  — 
is  not  a  huge  increase. 

Latency  with  IPSec  disabled,  but  with  firewall  rules  enabled,  was  far  lower 
More  impressive  still  was  that  latency  was  essentially  the  same  with  two  firewall 
rules  configured  or  1,000  rules. That’s  because  the  V200  loads  all  firewai!  rules 
onto  its  ASICs. 
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Testing  throughput 

Throughput,  like  latency  is  lower  on  the 
V200  when  IPSec  is  enabled  than  when  it’s 
acting  purely  as  a  firewall.  In  this  test,  there 
was  a  significant  throughput  difference  de¬ 
pending  on  whether  the  V200  had  to  frag¬ 
ment  frames  (see  Figure  2,  page  69). 

With  maximum-size  1,518-byte  frames, 


which  get  fragmented,  throughput  was 
equivalent  to  about  23%  of  line  rate.  With 
1,440-byte  frames,  which  IPSec  doesn’t  frag¬ 
ment,  throughput  more  than  doubled  to 
the  equivalent  of  54%  of  line  rate,  or  nearly 
533M  bit/sec. 

The  V200’s  throughput  compares  favor¬ 
ably  with  the  440M  bit/sec  claimed  by 


Cisco  for  its  flagship  PIX-535  in  a  similar 
configuration,  but  it’s  less  than  the  line-rate 
numbers  NetScreen  cited  for  its  flagship 
NetScreen-5200  line. 

The  throughput  picture  was  brighter 
when  we  configured  the  V200  strictly  as  a 
firewall.  For  all  frame  lengths,  throughput 
with  1,000  rules  in  place  is  virtually  identi- 


You're  faced  with  it  every  day  —  users  demanding  access  to  data  from  anywhere  at  anytime, 
which  means  you  need  to  meld  storage  into  every  aspect  of  the  enterprise.  You  need  a  well- 
tested  disaster  recovery  plan.  You  have  to  account  for  the  security  of  customer  information. 

And  you're  under  pressure  to  support  the  enormous  amounts  of  information  applications  are  churning 
out.  Where  do  you  begin  tackling  these  storage  challenges?  Come  to  Network  World's  Storage 
Technology  Tour,  "Shoring  Up  Your  Enterprise  Strategy,"  where  storage  expert  Steve  Duplessie  and 
leading  industry  vendors  help  you  put  together  a  comprehensive  storage  strategy. 
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TECHNOLOGY  TOUR 


Complimentary  Event  for  Qualified  Attendees! 


REGISTER  TO  ATTEND  IN  A  CITY  NEAR  YOU! 

June  10  ►  Boston,  MA  ►  Sheraton  Tara  Framingham 
June  12  ►  Washington,  DC  ►  JW  Marriott 
June  24  Chicago,  IL  ►  Hyatt  Regency  0' Hare 

June  26  ►  San  Jose,  CA  ►  Silicon  Valley  Conference  Ctr. 


6  storage  lessons  to  make  your  enterprise  a  success: 

■  Paper  trails.  Understand  the  impact  of  HIPAA,  SEC 
restrictions  and  other  regulatory  issues. 

a  Pick  your  pipe.  Determine  whether  Gigabit  Ethernet  or 
Fibre  Channel  is  best  for  your  environment. 

■  More  bang  for  your  buck.  The  role  of  virtualization  and 
consolidation  in  maximizing  your  resources. 

■  Disaster  recovery  goes  the  distance.  Examine  Fibre 
Channel  over  IP  and  other  emerging  technologies  moving 
storage  across  the  wide  area. 


Sign  up  for  one  of  these  cities  today  and 
let  the  storage  experts  keep  you  ahead 
of  the  curve! 


a  The  path  of  iSCSI.  How  standards  like  iSCSI  will  fit  into 
the  enterprise. 

a  SAN  vs.  NAS  no  more.  How  block-oriented  and  file- 
oriented  systems  are  merging. 


PRE-REGISTRATION  IS  RE0UIRE0.  RESERVE  YOUR  SEAT  NOW! 

Online  at  www.nwfusion.com/events/storage2.jsp  or  call  800-643-4668 
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NETWORKS  V. 


This  event  is  limited  to  Network  and  IT  professionals  involved  in  the  evaluation  and  purchase  of  storage  products  and  services. 
Network  World  reserves  the  right  to  determine  total  audience  profile. 

To  sponsor  this  Network  World  event  or  if  you  are  interested  in  on-site  training  for  your  company,  contact 
Andrea  D'Amato  at  508-490-6520  or  adamato@nww.com. 


cal  to  throughput  with  just  two  Riles  con¬ 
figured.  WatchGuard  credits  the  V200’s 
ASICs  for  the  fact  that  firewall  rules  have 
essentially  zero  performance  cost. 

However,  there  is  a  substantial  perfor¬ 
mance  cost  when  it  comes  to  pushing 
medium-  and  short-length  frames  through 
the  V200.  When  handling  1,440-  and  1,518- 
byte  frames,  a  pair  of  V200s  configured  as 
firewalls  will  forward  traffic  at  line  rate  with¬ 
out  loss.  When  forwarding  256-byte  frames, 
the  highest  rate  at  which  the  same  configu¬ 
ration  will  move  traffic  without  loss  is  equiv¬ 
alent  to  about  54%  of  line  rate.  With  mini¬ 
mum-length  64-byte  frames,  throughput  falls 
to  the  equivalent  of  10%  of  line  rate. 

Given  that  the  average  frame  length  for 
TCP/IP  traffic  is  close  to  256  bytes,  and  that 
TCP  packets  must  receive  64-byte  acknowl¬ 
edgement  frames  in  return,  it  can  be  said 
that  the  V200  will  deliver  more  than  ade¬ 
quate  throughput  on  networks  with  light  to 
medium  loads.  Users  on  heavily  utilized 
segments  might  experience  packet  loss. 


Newman  is  president  of  Network  Test  in 
Westlake  Village,  Calif.,  an  independent 
benchmarking  and  network  design  con¬ 
sultancy.  He  can  be  reached  at  dnew 
man  @networktest.  com. 

Network  Test  and  Network  World  thank 
Spirent  Communications  for  supplying  its 
SmartBits  test  system  and  TeraVPN software, 
and  for  helping  develop  and  troubleshoot 
the  scripts  used.  Special  recognition  goes  to 
Spirent's  Bob  Anderson,  Eddie  Arrage,  Paul 
East,  Debbie  Landis,  and  Davison  Zhang. 
Thanks,  too,  to  Extreme  Networks’  Huy 
Nguyen,  who  supplied  Summit  workgroup 
switches  for  the  test  bed. 
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Global  Test  Allia 


■  Newman  is  a  member  of  the  Network 
World  Global  Test  Alliance,  a  cooperative  of 
the  premier  reviewers  in  the  network  in¬ 
dustry,  each  bringing  to  bear  years  of 
practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 
www.nwfusion.com/alliance. 

Other  members:  Mandy  Andress,  ArcSec; 
John  Bass,  Centennial  Networking  Labs,  North 
Carolina  State  University:  Travis  Berkley,  Uni¬ 
versity  of  Kansas:  Bob  Cumer,  Duke  Univer¬ 
sity:  Jeffrey  Fritz.  University  of  California.  San 
Francisco:  James  Gaskin,  Gaskin  Computing 
Services;  Greg  Goddard,  University  of  Florida; 
Thomas  Henderson,  ExtremeLabs;  Miercom. 
Network  consultancy  and  product  test  center; 
Christine  Perey,  Perey  Research  &  Consulting; 
Barry  Nance,  independent  consultant.  Thomas 
Powell,  PINT.  Joel  Snyder,  Opus  One. 


Rose  Electronics 
UltraLink,  KVM  access  over  IP 
(800)  333-9343  /  (281)  933-7673 
www.rose.com 
Booth  #6637 

UltraLink  sets  a  new  standard  in  remote 
management  of  server  room  environ¬ 
ments.  The  UltraLink  digitizes,  scales, 
compresses,  and  encrypts  the  remote 
computer’s  video,  and  packetizes  it  into 
the  TCP/IP  protocol.  This  process  allows 
you  to  access  remote  computers  from 
anywhere.  Call  Rose  to  learn  more  about 
KVM  Access  over  IP,  KVM  Switches, 
and  Extenders. 
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Tripwire,  Inc. 

(503)  276-7500 
www.tripwire.com 
Booth  #7069 

Tripwire®  Integrity  Assurance  software 
ensures  the  security  and  availability 
of  servers  and  network  devices,  while 
enabling  increased  efficiencies  and 
control  over  IT  infrastructure  across 
organizations  worldwide.  Tripwire 
identifies  change-accidental  or  malicious, 
from  outside  or  within,  and  is  the  only 
way  to  know  that  your  data  remains 
uncompromised. 
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Unisys 
Unisys  ES7000 
(800)  548-3443 
www.wehavethewayout.com 

Unisys  is  a  worldwide  information  tech¬ 
nology  services  and  solutions  company. 
Our  people  combine  expertise  in  systems 
integration,  outsourcing,  infrastructure, 
server  technology  and  consulting  with 
precision  thinking  and  relentless  execu¬ 
tion  to  help  clients,  in  more  than  100 
countries,  quickly  and  efficiently  achieve 
competitive  advantage.  For  more  informa¬ 
tion,  visit  www.unisys.com. 


VBrick  Systems 
VBXcast 
(203)  265-0044 
www.VBrick.com 
Booth  #6048 

VBrick’s  VBXcast,  a  network  video  appli¬ 
ance,  enables  businesses  to  simply 
"plug  in"  and  broadcast  or  distribute 
video  communications  to  and  from  any¬ 
one,  anywhere,  on  any  network.  Using 
the  most  advanced  MPEG-4  compression 
technology,  employees  can  take  advan¬ 
tage  of  the  rich  experience  of  video 
simply,  affordably  and  reliably.  Whether 
you're  on  a  corporate  network  or  on  a 
remote  Internet  connection,  VBXcast 
brings  you  live  company  news,  education 
and  training  where,  when  and  how  you 
need  it. 
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Vernier  Networks,  Inc. 

The  Vernier  Networks  System™ 
(650)  528-4020 
www.verniernetworks.com 
Booth  #7153 

See  the  award  winning  Vernier  Networks 
System™,  Booth  7153,  and  win  an  authen¬ 
tic  49er  football  helmet  signed  by  Jerry 
Rice!  Vernier's  unique  wireless  security 
and  management  solution  provides  fine¬ 
grained  access  control,  centralized 
management,  and  seamless  roaming, 
enabling  companies  to  deploy  and 
manage  802.11  networks  ranging  from 
10s  to  1000s  of  access  points. 
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Western  Telematic,  Inc. 
Remote  Network  Management 
(800)  854-7226 
www.wti.com 
Booth  #4446 

Network  managers  around  the  world  use 
WTI's  NetReach™  products  to  support 
and  manage  their  network  equipment. 
NetReach  products  provide  secure,  dial¬ 
up  access  to  remote  network  devices. 
Even  when  your  network  is  down, 
NetReach  products  allow  access  to 
remote  sites  for  power/reboot  control, 
multi-port  switching,  alarm  management 
and  lOBaseT  patch  routing. 
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o  product  from  VBrick  Systems!  VBSTAR  strean 
le  video  to  an  internal  hard  drive,  then  sends  il 


Education: 

In  classes  or  on  a  school 
intranet,  VBSTAR  receives 
and  stores  DVD  quality 
video,  eliminating  the 
need  for  videotapes,  CDs, 
and  disks.  Lectures  and 
other  scholastic  events 
are  available  for  on- 
demand  viewing  on  TVs 
and  networked  PCs. 


Corporate: 

Provide  corporate  mes¬ 
sages,  training,  and  tech 
nical  information  to 
remote  offices  to  be 
viewed  on  TV  monitors 

and  desktops.  DVD 

•  , 

quality  video  improves 
corporate  communica¬ 
tions  over  any  network, 
anytime. 


Advertising: 

Locate  remote  VBSTARs  at 
retail  outlets,  trade  shows, 
or  other  public  locations. 
Record  your  content  with 
VBSTAR  and  transfer  the 
video  to  remote  VBSTARs. 
Deliver  timely  advertising 
messages,  maximizing  sales 
and  focusing  customer 
mind  share. 
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III 


www.nwfusion.com 

mm 

NetworkWorld 

rams 

Managemen^fr  «  ^  ^-SS 

i  srrateg  ibs . 

^^"^BUSINESS  JUSTIFICATION 

Customized  collaboration 

Navy  unit  replaces  outdated  database  with  Web-based  system  that  gives  users  control  of  information. 


■  BY  JOHN  FONTANA 

its  very  nature,  the  U.S.  Navy  is  infused 
units  that  think  and  act  in  an  estab- 
led  and  tactical  way,  which  might  not  be 
the  best  environment  for  rolling  out  new 

)ftware. 

it  was  in  that  atmosphere  that  the  Navy’s  Tactical 
lation  Technology  Integration  Program  Office 
'  IPO)  rolled  out  Web-based  collaboration  software 
create  its  Secure  Information  Management  Envir- 
it  (SIME).The  program  management  system  sup- 
i  two  missile  programs  that  are  a  collaborative  effort 
1 12  organizations.The  software  provides  threaded 
sions,  document  sharing,  workflow,  chat  and  instant 

TacIT  IPO  deployed  the  software  nearly  three  years  ago 
to  replace  an  aging  and  costly  database-collaboration 
system  that  had  limited  sharing  capabilities  and  re¬ 
quired  users  to  funnel  new  documents  through  a 
centralized  administrator  for  posting. 

While  TacIT  IPO  can’t  reveal  what  it 
spent  to  deploy  the  system,  the  total 
of  cost  ownership  is  lower  than 
the  previous  system. 


which  required  more  applications  and  administrative 
overhead. 

TacIT  IPO,  which  provides  IT  solutions  to  a  variety  of 
Navy  offices,  has  just  completed  Department  of  Defense 
security  certification  of  SIME,  which  is  built  on 
SiteScape’s  Forum  software  running  on  Netscape  Web 
Server  software  and  serving  nearly  3,000  users.  Now  TacIT 
IPO  is  actively  recruiting  other  units  of  the  Navy  and 
branches  of  the  military  to  adopt  its  model  of  Web-based 
program  management. 

“The  Navy  is  recognizing  that  a  lot  of  these  business  prac¬ 
tices  that  have  occurred  for  years  and  years  have  not 
changed  and  they  want  to  be  more  up-to-date  with  the  way 
work  is  done,”  says  Jeffrey  Thompson,  technical  services 
director  for  TacIT  IPO.  “Today  if  you  are  going  to  be  in  the 
Navy  and  running  on  Navy  networks,  you  are  going  to  be 
Web-enabled,  but  you  still  run  into  outfits  resistant  to  that 
change.” 

The  first  order  of  business  for  TacIT  IPO 
was  to  replace  its  government  off-the-shelf 
(GOTS)  software  with  commercial  off-the- 
shelf  software  from  SiteScape.  GOTS  is  home¬ 
grown  software  that  is  notoriously  difficult  to 
manage,  maintain  and  modify, Thompson  says. 
TacIT  IPO  took  on  the  challenge  of  switching  sys¬ 
tems  by  customizing  SiteScape  Forum  to  closely 
mimic  the  look  and  feel  of  GOTS  software  to  minimize 
retraining,  and  then  hooking  users  with  new  col¬ 
laboration  features. 

“We  elected  to  do  the  implementation 
this  way  so  that  when  the  end  users  came 
in  to  work  on  Monday  after  the  migration, 
they  would  not  have  ‘shell  shock’  from  a 
new  system  they  were  not  familiar 
with,”  says  Sandy  Grove,  inform¬ 
ation  services  director  for 
TacIT  IPO. 

With  SIME,  users  can  input 
and  update  the  data,  eliminat¬ 
ing  a  bottleneck  of  the  original 
software.  The  new  system  also 
added  individual  teamwork 
areas,  workflow,  more  detailed 
action  item  consolidation/input,  in¬ 
line  CAD  viewing  and  e-meetings. 

The  Navy  also  chose  SiteScape 
because  the  vendor’s  browser- 
based  client  integrates  with  the 
Defense  Department’s  public-key 

Left  to  right  Jeffrey  Thompson, 
Sandy  Grove  and  Phillip  Butch  of 
the  Navy's  TacIT  IPO  invested  three 
months  customizing  SiteScape's 
collaboration  system  to  meet  the 
Navy's  needs. 


infrastructure  model  for  security,  which  provides  certifi¬ 
cate-based  single  sign-on.The  integration  has  been  a  bless¬ 
ing  because  TacIT  IPO  does  not  have  to  provide  or  main¬ 
tain  the  security  infrastructure, Tlrompson  says. 

Another  challenge  forTacIT  IPO  was  working  within  the 
Navy/Marine  Corp.  Internet  (NMCI),an  entity  established 
as  part  of  a  federal  project  to  standardize  desktops, 
servers  and  network  connectivity  Although  not  a  part  of 
NMCI,  TacIT  IPO  is  required  to  incorporate  NMCI’s  stan¬ 
dards  as  part  of  SIME,  which  means  SIME’s  desktop  client 
had  to  be  a  Microsoft  or  Netscape  browser  and  SiteScape 
had  to  support  mandated  ports  and  protocols. 

NMCI  also  mandates  Web-based  infrastructure,  which 
was  a  plus  because  it  ensured  SIME  could  traverse  fire¬ 
walls  within  the  military  and  those  of  outside  contractors. 
“NMCI  puts  an  infrastructure  in  place  that  we  don’t  have 
to  build;  we  just  ride  on  top  of  it,”  says  Phillip  Butch,  pro¬ 
gram  manager  of  TacIT  IPO. 

With  the  regulations  met  and  the  infrastructure  in  place, 
TacIT  IPO  had  three  people  working  three  months  with 
SiteScape  engineers  to  craft  the  interface  and  methodol¬ 
ogy  behind  the  system. The  software  was  rolled  out  over 
a  weekend. 

Today,  three  technical  staff  members  and  three  help 
desk  workers  maintain  SIME.  Twice  a  year,  TacIT  IPO 
brings  roughly  20  of  SIME’s  power  users  in  for  a  round¬ 
table  discussion  about  needed  upgrades.  The  first  year 
the  round  table  requested  40  modifications,  but  as  of  late 
last  month  that  number  was  down  to  one. 

“One  of  the  challenges  had  been  keeping  up  with  the 
user  demands,  but  now  the  system  is  maturing,” 
Thompson  says.'This  is  truly  a  user-driven  tool,  and  they 
are  the  ones  that  make  the  changes.” 

The  users  have  produced  one  significant  add-on  mod¬ 
ule  called  Tactical  Calendar,  Action-item  and  Meeting 
Management,  which  fulfills  the  Defense  Department’s  crit¬ 
ical  program  management  requirements  because  it  gives 
officers  a  high-level  view  of  which  projects  are  on-track 
and  which  managers  are  accountable  for  those  efforts. 

IT  maintains  the  Netscape  Web  server  that  supports 
SiteScape  Forum  and  five  Microsoft  SQL  Server  data¬ 
bases  that  house  supporting  documents,  discussion 
threads  and  other  data.  The  entire  platform  runs  on 
Windows  2000  and  NT. 

The  staff  also  maintains  a  Netscape  Directory  Server 
authentication,  a  Netscape  Messaging  Server  for  e-maii 
notifications  and  a  Veritas  back-up  server  that  can  restore 
full  system  function  in  less  than  four  hours. 

“For  a  lot  of  people  in  the  [Defense  Department]  and 
Navy,  becoming  Web-enabled  is  a  challenge,”Thompsou 
says.“But  we  have  already  met  those  challenges.The  nig 
thing  now  is  to  make  other  organizations  understand 
that  there  is  a  better  way  to  do  business  and  have  thorn 
want  to  make  a  change,  and  that  really  has  been  Lard 
for  us.”  ■ 


EASIER  TO  USE 

•  Access  and  control  servers  from  any  location  using  Avocent's 
KVM  OVER  IP™  switching 

•  AVWorks  software  is  included  with  AutoView  1000R/2000R 
switches.  Provides  a  single  interface  to  access  servers  and 
network  devices 

•  User-friendly  interface  lets  you  organize  the  attached  servers.  Use 
logical  naming  conventions  to  group  your  servers  by  type,  site, 
location  or  department.  No  need  to  remember  each  IP  address! 

•  Wizard-based  installation  drastically  reduces  the  time  required  for 
setting  up  similar  technologies 


MORE  ADVANCED  FEATURES 


•  Servers  are  attached  using  intelligent  CAT  5  server  interface 
modules  that  reduce  cable  issues  in  the  rack 

•  Assign  granular  security  permissions  for  each  individual  port 
number  with  Java-based  AVWorks  software 

•  Comprehensive  security  includes  authentication  and  data 
transfers  using  SSL  connections 

•  Supports  DES,  3DES  and  128bit  encryption 


AutoView  KVM  Switches 


Users 

Servers 

Platforms 

Cabling 

KVM  OVER  IP™ 
Remote  Access 

Software 

AutoView  1000R 

1  local,  1  digital 

16 

PS/2,  Sun 

USB 

CAT  5 
AVRIQ 

Yes 

AVWorks  and 
OSCAR 

AutoView  2000R 

1  local,  2  digital 

16 

PS/2,  Sun 

USB 

CAT  5 
AVRIQ 

Yes 

AVWorks  and 
OSCAR 

Also  Available 
AutoView  2000 

2  local 

16 

PS/2,  Sun 

USB 

CAT  5 
AVRIQ 

No 

OSCAR 

Call  for  an  Avocent  Authorized  Reseller  near  you 

1*866*286*2368  ext.  3006 


Special  offer  on  these  new  switches:  Download  your  free 
copy  of  Avocent's  Definitive  KVM  Buyer's  Guide  at 
www.avocent.com/guide  or  call  1-866-286-2368  ext.  3006. 

>  r  c  A,  *  logo.  Ac* ©Vi**,  AVWo rfc®  KVM  OVER  IP  and  The  Power  of  Bang  There  are  trademark®  of  Avocent  Corporation  Copyright  C  2003 
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With  Cyclades,  the  only  thing 
missed  at  your  data  center... 


Remote  Access 

PCMCIA  supporting  modem,  ISDN, 

GSM,  Wireless  LAN 

Security 

SSH  vl  &  v2,  LDAP,  Kerberos,  TACACS+, 
RADIUS,  Secure  ID 

Dual  Power  Supply 
(AC  &  DC) 

High  availability  when  power  fails 

Dual  Ethernet 

PCMCIA  supporting  additional  ethernet 
for  redundancy 

Port  Density 

1,4,8,16,32  or  48  ports  in  1U  rack  space 

Best  Hardware  for  Linux” 
since  1995. 


Our  console  servers  give  you  all  the  freedom 
you  need  to  manage  your  networks  and  servers 
anytime,  anywhere. 

Which  is  why  Cyclades  sells  more  console  servers  than  anyone 
else  in  the  industry. 

The  AlterPath" ACS  offers  the  industry's  only  combination  of 
dual  power  supply  and  PCMCIA  slots  for  enhanced  redundancy 
and  functionality.  And  because  our  technology  is  based  on 
Open  Source  Software  (Linux),  you  benefit  from  innovative 
products  that  offer  flexibility,  ease  of  customization  and 
a  high  level  of  security. 

With  Cyclades  console  servers,  you  get  the  convenience  and 
security  you  need  to  access  and  manage  all  of  the  console  ports 
in  your  data  center  at  anytime,  from  anywhere  in  the  world  - 
even  when  the  network  is  down. 


eye  lades 


Everywhere  with  Linux' 


So  relax.  You  won’t  miss  a  thing. 


www.cyclades.com/vo  •  sales@cyclades.com  •  1 .888. CYCLADES 

©2003  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  of  their  respective  owners.  Product  information  subject 
to  change  without  notice.  Photo  By:  Andre  Perlstein  /  Getty  Images 


The  Hub  of  the  Hetwork  Buy 
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Cooling  Solutions 
Laptop  Accessories 


Surge  Protectors 


UPS  Cables  and 
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Cisco  and  Fiber  :  f; 

'  *  i  Cabling 
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>i  Prihter,  Modem  VGA 
£?/  Cables  and  Adapters 
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*  t  Enclosures  •- 

Enclosure  Accessories 


Rack  Accessories 

Power  Distribution 
Devices 


Accessories 

,  •  9,  E*( . 

UPS  Management 
Peripherals 

UPS  Management 
Software 

UPS  Replacement 
Batteries 


BuyUptime.com 

Your  One-Stop  Shop  for  high  availability  products 

High  Availability  Made  Easy  —  . . . . 

As  a  leading  supplier  in  end-to-end  UPS  power,  thermal  cooling,  and  management  solutions,  BuyUptime.com  can 
accommodate  the  level  of  availability  many  customers  have  come  to  expect.  Let  BuyUptime  be  your  one-stop  shop 
for  high  availability  solutions. 

( Mobile  Power  Solutions /) 


Buy  One  Get  One  Free! 

APC  Travel  Power  Adapter 

•  Converts  DC  power  in  an  automobile  to 
75  watts  of  notebook  computer  power 
•Plugs  into  your  vehicle's  cigarette  lighter 
(not  for  use  on  airplanes) 


Part  Number 
PN0TEAC75SP 


Part  Number  PN0TEAC140 


Part  Number  PNOTEAC350 


APC  PNote  AC  140  &  350 

•  For  notebooks,  TVs,  VCRs,  game  consoles  and  more 

•  Auto,  RV  and  boat  compatible 

•  Plugs  into  your  vehicle's  cigarette  lighter 

•  Audible  alarms 

•  Automatic  shutdown  upon  low  battery 

•  PNoteAC140  has  a  single  power  outlet 

•  PNoteAC350  has  2  power  outlets 


Part  Number  PNote  Pro  Part  Number  PNote  Pro3 


APC  PNote  Pro 

&  PNote  Pro3 

•  Provides  advanced  AC  and  tele¬ 
phone  line  protection 

•  Unique,  in-line  design  creates  a 
compact,  lightweight  surge  protector 

•  Portable  and  appropriate  for  use  in 
any  country  throughout  the  world 
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Part  Number 


DNoteCL5 


APC  by  Kryptonite  Locks 

•  Portable  security  systems 

•  Prevents  theft  of  your  laptop  at  work  or  on  the  road. 

•  Braided  steel  cables  (5mm  and  8mm  thick) 

•  Available  in  combination  or  key  lock. 


Part  Number 
PNoteKL8 


Order  via  our  promo  page  and  start  saving  today! 

I fish  http://promo.buyuptime.com 

and  enter  the  Key  Code  k162y 


Call  Toll  Free 

888-288-8843  to  order. 

Fax:  (8771  41 1-2080  •  E-mail  customerservice@buyuptime  com 
801  Corporate  Centre  Drive,  St,  Charles,  MO  63304  •  BY1A3EP-US 
©2003  Systems  Enhancement  Corp.  All  Trademarks  are  the 
property  of  their  owners. 


Your  network  costs  a  fortune... 


NEW 

LOWER 

PRICES! 
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72"  Workstation 

$799 

Stk.  #  C95033 


protecting  it  doesn't  have 

Global  LAN  Furniture 


Keyboard  drawers 
and  casters  sold 
separately'. 


^GLOBAL 


protects  your  equipment 
for  a  lot  less  money. 

Our  heavy-duty  LAN  Furniture  is  built  to  last  with 
steel-reinforced,  triple-leg  support  and  lateral 
braces.  Built-in  cable  management  system  hides 
unsightly  wires  and  organizes  and  separates 
cables.  Deep  30"  work  surface,  adjustable  shelves 
and  sturdy  server  shelf  allow  for  easy  integration  of 
all  your  network  equipment,  providing  a  complete 
storage  solution.  Our  96",  72",  48"  and  24"  wide 
units  combine  with  additional  shelves,  keyboard 
drawers  and  casters  for  unmatched  flexibility  to 
meet  your  changing  needs. 


SAVE  A  TON  OF  MONEY 
ON  YOUR  NEXT 
MEDIA  PURCHASE! 
Check  out  our  prices  today! 


24"  Server  Station 

$299 

Stk.  #  C23955 


-9?” 


COMPUTER  a  Systemax 


company 


CALL  1 -8OO-8-GLOBAL 

or  visit  us  online  for  the  LAN  solution  that  is  right  for  you. 

www.globalcomputer.com/ go/mag/Ian 


Applications: 

Remote  Power  Management 
X  Servers 

X  Routers  Firewalls  DSU/CSU's 
X  Web  Cams 

Turn  On/Off  any  AC  or  -48VDC 
Powered  equipment  via  telnet, 
modem  or  local  terminal. 

Electronic  equipment  sometimes  "locks- 
up"  requiring  a  service  call  just  to  flip 
the  power  switch  to  do  a  simple  reboot. 
With  WTI  Remote  Power  Switches  you 
have  the  ability  to  perform  this  function 
from  anywhere  on  the  LAN/  WAN,  or  if 
the  network  is  down,  to  simply  dial-in 
from  a  modem  for  out-of-band  control. 

For  over  a  decade  WTI  has  been 
leading  the  way  in  Remote  Power 
Switching  technology  offering  more 
products  choices  for  small  or  large  scale 
remote  management  strategies. 

Our  switches  are  now  installed  in 
thousands  of  sites  world  wide.  Our 
customers  know  they  can  depend  on 
our  superior  quality  and  reliability  for 
their  most  mission-critical  operations. 

Yes,  we  are  customer  friendly! 

X  Two  year  warranty 
X  We  stock  for  same  day  shipment 
X  30  day  return  policy 
X  Start-up  cables  and  rack  ears  included 

Want  an  on-line  demo? 

Just  call  or  e-mail  and  you'll  see  for 
yourself  why  so  many  network 
professionals  choose  WTI. 


EIGHT  PLUG  -  DUAL  BUS 


TWO  PLUGS  -  LOW  COST 


©  Dual  15  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  User  plus  Admin  Security  Features 
©  115VAC  and  230VAC  Models 


HIGH  CURRENT  -  DUAL  BUS 


NPS-2HD 

©  Ideal  for  CISCO  6500/7500 
©  Dual  20  Amp,  115VAC  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 


CODE  ACTIVATED  - 
EXPANDABLE 


RPS-10 

©  Single  10  Amp  Circuits 

©  Expandable  to  10  Individually 
Switched  Plugs 

©  RS232  Control  Port 


©  Two  Addressable  Plugs 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  115VAC  and  230VAC  Models 
©  Manual  on/off  Buttons 

DUAL  BUS  -48VDC 


RPC-4840 

©  Dual  -48VDC,  40  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  On/Off/Reboot  Switching 

FIVE  CIRCUIT 
-48VDC  POWER  BAR 


RPB+DC30 

© 


© 


© 


Five  Individually 
Switched  Circuits 

Switch  -48VDC,  12  Amps 
each  Circuit,  30  Amps  Total 

Also  Available  in  115VAC 
and  230VAC  Models 


www.wti.com 


(800)  854-7226 


incorporated 

5  Sterling  •  Irvine  •  California  92618-2517 


Keeping  the  Net...Workii s§i 


Need  A  Remote  Power 


On-Command  Power  Switching  for  yew 
Network  Equipment...  from  Anywhere! 


See  Us  at  N+I,  Booth  #4446 


The  Hub  of  the  Network  Buy 
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COMPLETE  KVM  CONTROL  VIA  TCP/IP 


CONTROL  KEYBOARD.  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 

With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 

ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 

REMOTELY  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 

AUTOMATICALLY  MONITOR  SERVER  ACTIVITY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 

The  Engine  of  Innovation 


Available  in  single  and  eight  channel  versions  www.digitalv6.com  Resellers  and  Distributors  welcome 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Expert 

Observer 

*2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SOL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 


Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 


Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 


If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  >44  (D)  1959  569880  •  Fax  +44  (0)  1959  569881 


INSTRUMENTS 


©2002  Network  Instruments.  LLC.  Observer.  "Network  Instruments”  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 

All  other  trademarks  are  property  of  their  respective  owners. 
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USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +617  3427  5353 

Rose  Electronics  •  10707  Stancliff  Road  ■  Houston,  TX  77099 


RackView  fold-forward  design 


Minimum  rack  depth  requirement 

15”  or  17"  TFT/LCD  monitor 

Keyboard  has  gold-plated  key  switches  with 

lifetime  of  20,000,000  key  presses 

High  resolution  opto-mechanical  trackball 


1 5”  up  to  1 024  x  768  resolution 


«  1 7”  up  to  1 280  x  1 024  resolution 


Optional  integrated  KVM  switch 


RackView™  15”,  17”,  19” 
Monitor  Only 


Fold  back  design 


15”,  17’,  or  19”  TFT/LCD  monitor 
15”  up  to  1024  x  768  resolution 


17”  and  19”  up  to  1280  x  1024  resolution 
Front  panel  conceals  unit  when  not  in  use 


Rack  mountable 
keyboard 

♦  Easy-glide  design  fits  in  1 U  space 

♦  Keyboard  uses  gold-plated  key  switches  with 
lifetime  of  20,000,000  key  presses 

♦  1 8  mm  key  spacing  for  typing  in  comfort 


im*  ELECTRONIC 


RackView  fold-back  design 

15",  17”,  or  19”  TFT/LCD  monitor 
Keyboard  has  gold-plated  key  switches 
with  lifetime  of  20,000,000  key  presses 
High  resolution  opto-mechanical  trackball 
15”  up  to  1024  x  768  resolution 
1 7  and  1 9"  up  to  1 280  x  1 024  resolution 
Optional  integrated  KVM  switch 


Is  rack  space 
at  a  premiumP 

The  RackView™  Advantage... 

The  RackView  offers  the  latest,  most  efficient  way  to  control  server  rooms  or  multiple 
computers  and  reduce  rack  space  consumption.  RackView  is  a  1U  or2U  rack  mountable 
KVM  console  drawer  with  optional  built-in  KVM  switch.  This  easy-glide,  KVM  console 
drawer  contains  an  LCD  video  monitor,  PS/2  tactile  keyboard  and  high  resolution  trackball. 

When  you  need  to  use  it,  just  slide  it  out  and  tilt  the  LCD  panel  up.  It's  especially  convenient 
when  you  have  to  access  computers  that  are  installed  in  racks  nearby.  When  you  are 
finished  using  it,  simply  slide  it  back  into  the  rack  and  the  front  panel  conceals  the  unit. 

You  have  a  choice  of  LCD  panel  sizes.  If  you  are  doing  occasional  server  work,  then 
perhaps  the  15"  model  is  the  one  best  suited.  For  higher  resolution  work  or  extended  use, 
the  17"  and  19"  models  will  improve  your  productivity. 

For  the  ultimate  in  server  access,  the  RackView  single  or  multiple  user  switch  option  offers 
a  choice  of  several  KVM  switches  to  allow  one,  two  or  four  users  access  to  their  servers. 
The  switch  and  rack  drawer  can  fit  into  1U  of  space  for  maximum  space  savings. 


Rack  mount  flat  panel  monitor, 
keyboard,  and  trackball  with 
optional  integrated  KVM  switch 

WWW.ROSE.COM 
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Reaching  new  neignit 

in  Remote  Reboot  AC  or  DC  Power  Management 

Don't  let  server  lock-up  knock  you  off  the  mountain.  Spectrum  Control's 
SMARTstart  power  distribution  units  with  remote  power  management 

capability  allow  you  to  monitor,  sequence  and  reboot  your  servers  and  *  t*  _  |  f  • 

network  equipment  from  any  remote  location. These  AC  or  DC  rack  '  ^ 

■;\v  .  mounted,  off-the-shelf  solutions  feature  several  methods  Of  communication,  W 

including  advanced  Web  Browser  access  and  greater  power  management 
than  you  ever  imagined. 

•  Reboot  via  telnet  and  other  convenient  interfaces 


■  - 


•  Lower  costs  through  reduced  network  downtime  and  field  service  visits 

•  SMARTstart  PDU's  offer  customization  and  are  upgradable 

•  Menu-driven  user  friendly  interface  and  secure  password  protection 

•  Global  access  to  monitor,  reboot  and  sequence  outlets 

•  Email  alerts  &  SNMP  Traps  for  immediate  system  status  notification 


ALL  AT  AN  UNBELIEVABLE 
OUT-OF-THE-BOX  PRICED 


ZJ  t  X 

To  learn  more  call  814-474-2207 
or  for  online  data  sheets,  go  to  •> 
www.specpower.  com/ remote  22 
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We’re  looking  for  Resellers  (VAR’S) 
and  Distributors  to  join 
our  SMARTcirde 

See  us  at  NetWorld+ Interop  booth  #6438 


N&TSUPPORT  manad&r 


New  Version  8.0! 

Remote  Control 
Enhanced  Inventory 
Internet  Gateway 
System  Status  Reporting 
Mac  &  Linux  Support 
Desktop  Integration 
Show  to  Many 
View  Multiple  Screens 
File  Distribution 


NetSupport  Manager  new  version  8.0  remote  control  software  securely  connects  you  with 
your  coworkers  to  support  their  systems  anywhere  over  a  LAN,  WAN  and  the  Internet. 


Chat,  Help  and  Message 


NetSupport  Manager  provides  fast,  secure  remote  PC  access,  enhanced  hardware  and 
software  inventory,  a  new  Internet  gateway,  system  status  reporting,  desktop  integration, 
Mac  &  Linux  support,  automated  scripting,  file  transfer,  remote  deployment  and  much  more. 


Profiled  Security 
Remote  Deployment 


Prop  up  a  pillow  and  join  the  remote  revolution  today! 


Automated  Scripting 


Download  9  www.netsupport-lnc.com 
or  call  toll-free  at  1.888.665.0808. 


Ne^f-Sjupp^rt 
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MANAGE  YOUR  SERVERS  OVER  IP 

FROM  ANYWHERE 


UltraLink  sets  a  new  standard  in  remote  management  of  server 
room  environments.  It  saves  you  money  by  allowing  you  to  centralize 
your  IT  resources.  Since  it  does  not  depend  upon  software  loaded 
on  your  computers,  it  deploys  easily  and  works  on  any  operating 
system,  such  as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 

The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video 
and  sends  back  keyboard  and  mouse  data.  This  process  allow  you 
to  access  remote  computers  from  anywhere. 


UltraLink 


■  Connects  to  standalone  computers  or  any  KVM  switch 


Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its 
technically  superior  and  price  competitive  products. 

Join  the  ranks  of  many  successful  companies  using  UltraLink,  call 
Rose  to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM 
Switches,  Extenders,  and  Data  Switches. 


High  quality  16-bit  video  at  up  to  1280x1024  resolution 

Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer  program, 
no  user  license  required 

Encrypted  communication  for  highly  secure  operation 
Scaling  and  scrolling  features  for  maximum  flexibility 
Single  mouse  cursor  simplifies  user  interface 
See  four  servers  from  one  screen  with  quad  screen  mode 
Lifetime  free  flash  upgrades 


KVM  SWITCHES 


LOW  COST  SINGLE  USER 
Vista™ 

Low  cost  single  user 
KVM  switch  supports 
up  to  64  computers 


PROFESSIONAL  SINGLE  USER 
UltraView  Pro™ 

Professional  single  user 
KVM  switch  supports  up 
to  256  computers 


MULTI-USER  FIXED  CHASSIS 

UltraMatrix™  E-series 

Professional  multi-user  KVM  switch 
2  -  4  KVM  stations  to  1 ,000  computers 


SwW 


MULTI-USER  EXPANDABLE 

UltraMatrix™  X-series 

Enterprise  class  multi-user  KVM  switch 
4  -  250  KVM  stations  to  1 ,000  computers 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44  (0)  1264  850574 
+617  3427  5353 


KVM  EXTENDER-COAX 
ViewLink™ 

Extends  KVMs  up  to  250  feet  away 
using  coax  cable 


KVM  RACK  DRAWER 
RackView™ 

1U  or  2U  rack  mountable  KVM  drawer 
17”  or  15”  LCD  video  monitors 
Optional  up  to  4x16  KVM  switch  option 
Kits  available  for  single  or  multiple  users 


KVM  EXTENDER-FIBER 


KVM  SHARING 


CrystalView  Fiber™ 

Extends  KVM  workstation 
up  to  30,000  feet  away 
Eliminates  EMI/RFI 
Supports  PC,  Sun,  and  USB 


Multistation™ 

Up  to  four  KVMs  to  one 
computer  allows  fully  automatic 
KVM  sharing 


KVM  EXTENDER-CAT  5 


jg«cujirvitw'  y  J!am  I 

CLASSROOM  KVM  SWITCH 


CrystalView™ 


ClassView™ 


Extends  your  KVM  station 
up  to  1 ,000  feet  away  from  your 
computer  using  a  CAT-5  cable 
Now  available  with  Audio 
Supports  PC,  Sun,  and  Serial 


Instructor  has  total  control 
over  classroom  of  up  to  255  students 
Instructor  can  access  the  students’  computers 
Keyboard  controlled,  easy  to  use 
Bus  connection  simplifies  installation 


KVM  EXTENDER-CAT  5 
CrystalView  Mini  ™ 

Extends  KVM  workstation 
up  to  1 50  feet  away 
Single  and  dual  versions 


VIDEO  DISTRIBUTION 
VideoSplitter™ 

Splits  video  from  one  or  two 
computers  to  multiple  monitors 


See  us  at 
NetWorld  +  Interop 
Booth  6637 


ELECTRONICS 


Rose  Electronics  •  10707  Stancliff  Road  •  Houston,  TX  77099 


rocess-Control 


Serial  Ports  over  IP 


EQUINOX 


Connect  with  ease! 


RS-232,  RS-422  &  RS-485  serial  connectivity  for  a  wide  variety  of  applications 


ESP  Serial  Hubs 


ESP-2  Ml  Serial  Hub 


ESP  Family  of  Serial  Hubs 

Connect  serial  ports  at  the  point  of  need  and  eliminate  cabling 
nightmares.  ESP  Multi-Interface  models  support  RS-232,  RS-422 
and  RS-485  serial  protocols  for  a  wide  range  of  applications. 


NEW!  ESP-2  Ml  Serial  Hub 

The  ESP-2  Ml  is  a  compact  Multi-Interface,  2-port  serial  hub  that 
provides  versatile  RS-232,  RS-422  and  RS-485  support  for 
manufacturing,  industrial  and  other  commercial  applications. 


Cali  today  for  a  FREE  30-day  product  evaluation: 
1-800-275-3500,  Ext.  615  or  954-746-9000,  Ext.  615 
Emaii:  sales@equinox.com  -  intlsales@equinox.com. 
For  more  information  visit  www.equinox.com 


EQUINOX 

an  Avocent  Company 
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What  if  you  could... 


Set  up  enterprise  VPN  connections  with  a  few  clicks  of 
the  mouse 

Quickly  define  network  access  rules  and  apply  them  to 
hundreds  of  firewalls  simultaneously 
Respond  to  threats  quickly  and  easily  by  altering  the 
properties  of  your  network  objects  once  and  then  applying 
these  changes  enterprise-wide 

Manage  ongoing  changes  to  your  security  policy  as  easily 
as  if  you  were  relaxing  in  your  favorite  armchair  with  your 
remote  control  and  a  cool  drink 


Now  you  can... 


CyberGuard  Corporation  •  2000  West  Commercial  Boulevard  •  Suite  200  •  Fort  Lauderdale  •  FL  •  33309  •  Phone:  954-958-3878 

©  2003  CyberGuard  Corporation.  Ail  rights  reserved.  •  .  ..  'f  ■  iS&V 


DEFEND  YOUR  DOMAIN 


Visit  booth  #4767  at  NetWorld+Interop  in  Las  Vegas 
and  see  the  next  generation  central  management 
solution  from  CyberGuard.  Stay  for  a  demonstration 
and  you  could  win  a  PalmPilot®.  For  additional 
information  visit  us  at  www.cyberguard.com/gc 


WORLDWIDE 


CYBERGUARD" 
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10/100  BaseT  Ethernet 

IP  for  HTML.  SNMP  & 
Telnet  Management 


RS-232 

Serial  Management 


Link  Port 
(daisy  chains  to) 

Expansion  Module 


In 


Power  Tower  XL 

•  Outlet  Grouping  across 
power  circuits 

•  Input  Current  Monitor 

•  New  HTML  GUI 

•  Power-up  Sequencing 

•  Zero  U  vertical  and  Rack- 
mount  horizontal  models 

•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


*  Sentry  Power  Tower. 
Equipment  Cabinet  Solutions. 


Server  Technology,  Inc. 

/-v  •’  m 

V  1040  Sandhill  Drive  Reno,  Nevada  89511  USA 


f049  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  Vrww.servertech.com  toll  free:  1.800.835.1515 
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POWER 

PROTECTION 

n/FOPDAllUTY 


MORE  REASONS 
TO  CALL  MOVINCOOL. 
#1  IN  PORTABLE 
SPOT  AIR  CONDITIONING 
FOR  OVER  30  YEARS. 


►  Protects  against  excessive  heat 

►  Prevents  costly  system  failures 

►  Increases  productivity  and  manufacturing  quality 

►  Up  to  60,000  Btu/h  of  cool  air 

►  No  costly  installation 

►  Affordable  rent,  lease  or  purchase  options 

►  The  only  ETL-verified  portable  air  conditioner 

for  performance  (vjy) 

Call  800-264-9573  or  visit  www.movincool.com 
to  ask  about  our  affordable  leasing  options! 

MO/INCOOL 


THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 


©2003  DENSO  Sales  California,  Inc. 

MovinCool,  Spot  Cool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporation. 


Reading  someone  else’s 
copy  of  Network  World? 

Apply  for  your  own 
Free  subscription  today. 


NetworkWorid 

ItF*"  Costs,  security 
? SSSM  vex  VoIP  users 


v  -- 


5-'  Spammers  hiding  k 
behind  students 


Free  subscription 

(51  Issues) 

To  apply  online  go  to 

subscribenw.com/b03 


subscribenw.com/b03 

Apply  for  your 

free 

subscription  today! 

(A  $255  value  -  yours  free) 


Experience  Counts.  Since  1 994  GTA  has  been 
building  solid,  dependable  firewall  systems.  For 
the  past  8  years  our  line  of  firewall  products 
have  met  the  demands  of  small  to  medium  sized 
businesses  worldwide.  All  GTA  firewall  products 
carry  the  ICSA  4.0  Corporate  Firewall  Certification 
To  learn  more  about  our  family  of  firewalls  visit 
our  website  or  contact  a  GTA  channel  partner. 


1 -800-775-4GTA 


info@gta.com 
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The  Hub  of  the  Network  Buy 


AppDancer  Networks,  Inc.,  1825  S.  Grant,  Suite  710,  San  Mateo,  CA  94402  U.S.A.,  1.800.825.7563,  info@appdancer.com 
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BOOTH  6653 

Enter  to  win  FREE  product 


NETWORLD  +  INTEROP 


Las  Vegas  2003 
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APPL I C A TION  FLOWS 
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Free  product  download  at  www.appdancer.com 


SENSAPHONE* 


iMS-aaaa 


w 


Internal 

UPS 


Microphone 

for  Sound 
Monitoring 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Option,"  .  n,  itera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Tel:  877-3 
www.ims 
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Contact  these  companies  today  to  help  you  with  your  training  needs! 

IPexpert,  Inc.  j 

(866)  225-8064  j 

www.ipexpert.net  jj 

CCIE  (R&S,  SEC,  and  C&S),  CCSP,  j 

CCNP,  CCNA,  and  IP  TELEPHONY  [ 
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traducing  the  ATTO  iPBridge™  25001 
with  Support  for  iSCSI  and  NDMP 


ATTO  recently 


/alJsd 
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with  dual  Gigabit  Ethernet  ports 
supporting  NDMP  or  iSCSI  and  dual  SCSI  ports 

enables  OEMs  to  serve 
tulfiple  markets  with  the  same  product 


4U  cPCI  board 


for  direct  integration  into 
custom  OEM  configurations  (iPBridge  2S00C) 

units  available 

- 

2500B/D) 


•  Rackmount  and  deskto 


high-performance 


to  support 


Advanced  diagnostics 


on  tape  drives 

to  significantly  enhance 
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Power  Behind  the 

R/\ID  storage  arrays  •  Fibre  Channel  Bridges  •  iPBridges  •  SCSI  and 

Fibre  Channel  hubs  •  SAN  connectivity  so" 
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We  Buy  and  Sell 

New  and  Refurbished 
Fully  Guaranteed 
Overnight  Delivery 


Routers 
Switches 
Interface  modules 
Access  Servers 
Muxes 
DSU/CSU's 


CISCO 

Nortel  (Bay)  Networks 
Lucent (Ascend) 

Juniper  •  Extreme  Networks 
Adtran  •  Larscom  •  ADC  &  others 


800-T0-MULTI  800-866-8584  www.mlcp.com  sales@mlcp.com 


Call  1-888-746-6700  www.securematics.com 


toll  free  800  879  8795 
ph:  + 1  402  575  3000 
fox: -hi  402  575  20 J 1 


OptimumDatalnc 

www.optimumdata.com 


The  Hub  of  the  Network  Buy 


ROUTERS, 
SWITCHES,  GBICS, 
MODULES,  ADAPTERS, 
SERVERS,  OPTIONS 

BUY  *  SELL 
CISCO  ■  NORTEL 
3COM  ■  FOUNDRY 
EXTREME  ■  JUNIPER 
IBM  ■  LUCENT 
NEW  *  USED 

JE  Components,  Inc 
310  643-6021 

www.jecom.com 

Located  near  LAX  Airport 


COMPAQ. 


=  FEDCOM^JSA  = 


Your  #1  Source  -  Since  1990 
770-772-6000 


Call  Direct  Response 
Advertising 
1-800-622-1108 


FREE  Gift 
With  Every 
Purchase 


it  today?  Have  it  tomorrow! 


FIBER  OPTIC 
SOLUTIONS 


•  Tl/El  &T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnct/Lthemet/Token  Ring 

•  Video/Audio/Hubs/Repeateis 

•  ISO-9001 

s.s.TECH 

Toll  Free  86<>-SITech-l 
630-761-3640,  Fax  630-761-3644 
www.sitcch-bitdriver.com 
www.silechtiber.Lom 


Comsystel  Inc. 
NETWORK  EQUIPMENT 

WE  SPECIALIZE  IN  SELLING 

CISCO 

WE  OFFER: 

•  DOMESTIC  ar 
INTERNATIONAL  SALES 

•  BEST  PRICES 

•  past  snrrvn 

•  BEST  QUALITY 

•  ALL  PRODUCTS  GUARANTEED 

For  more  information  contact 
Shumon:  Sales@NetworlLdeal.com 
1 2686  Hoover  Street. 

Garden  Grove.  CA  9284 1 
Ph.  714-899-0855  Fax  714-899-0825 


WWW.NETWORKDEAL.COM 


1  CISCO 
§  EXTREME 

?  F5 

SUN 


877.545.0545 


We  Buy  &  Sell 

USED 

CISCO 


juniper 

Extreme 

800.451.3407 

Since  1985 

50-90%  Savings 
Fully  Guaranteed 
Overnight  Delivery 

networkhardware.co 


PDA  Based! 


s699 


(Palm  ml05 
included) 


10/100  Ethernet  LAN  Tester 

Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  & 
network  equipment 

►  Displays  network  utilization,  packets 
&  statistics 

►  Captures  &  generates  various  error 
packets 

►  Network  load  testing  function 

►  Full  auto  negotiation  &  DHCP  ready 


Toll  Free  1-866-442-7767 
www.smartronlx.com/products 


WE  aUV  &  SELL 


CISCO 


J 


JUNIf*Er*  f^VErlS-rONE 

50-90%  Off  List  Price 
Largest  Inventory 
120  Day  Warranty 
Overnight  Delivery 
FREE  Configurations! 


I ENESIS 
LoaaL 


800-908-9665 
Call  Us  Today! 
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IT  EDUCATION,  TRAINING  &  CERTIFICATION 


Advertising  Supplement 


IT  Careers:  Industry  Drives 
Online  Degree  Trends 


More  than  20,000  people  in  the  United  States 
are  finding  a  new  way  to  quickly  morph 
current  skills  into  emerging  job  require¬ 
ments.  Colleges  and  universities  are  using 
online  coursework  to  stay  in  step  with  rapidly  developing 
technologies,  pushing  online  curriculum  that  in  the  past 
would  have  taken  years  to  develop.  From  data  mining  to 
infrastructure  security  and  systems  networking,  the  new 
degree  programs  are  allowing  IT  professionals  to  transform 
with  the  industry. 

These  aren’t  diploma  mill  programs,  either.  Universities 
ranging  from  Stanford  University  to  Massachusetts  Institute 
of  Technology,  from  Boston  University  to  James  Madison 


University  and  the  University  of  Missouri-Rolla,  are 
enrolling  students  for  classes  conducted  via  the  Internet. 
“Traditionally,  residential  universities  and  colleges  have 
been  slower  in  meeting  emerging  technology  needs,”  says 
Vicky  Phillips,  author  of  Best  Distance  Learning  Graduate 
Schools-Technology  2003.  “We’re  noticing  that  schools  are 
choosing  to  put  newer  concentrations,  such  as  cyber 
security,  online  to  be  market  responsive.” 

Tanya  Zlateva,  chairman  of  the  online  computer  science 
graduate  program  at  Boston  University,  says  demand  for 
online  courses  follows  the  IT  industry  trends.  “We  offer  a 
blended  program  of  four  face-to-face  meetings  during  the 
semester  and  web-based  learning,”  Zlateva  says.  The  uni¬ 
versity  added  an  IT  security  focus  to  its  graduate  programs 
this  year,  and  will  offer  a  full  concentration  IT  security 
program  beginning  Fall  2003.  “It’s  relatively  easy  to  put 
material  online,"  she  adds.  “But  by  adding  streaming  video 
and  interaction,  access  to  lab  work  online  and  other  facets, 
the  program  has  greater  value.” 

However,  online  study  isn’t  for  everyone,  cautions 
Phillips.  Top  on  the  list  to  consider:  your  own  learning  style. 
If  you’ve  taken  online,  CD-ROM  or  correspondence  courses 
in  the  past,  you  know  whether  you're  up  to  it.  “You  need 
good  time  management  skills  and  self-motivation,”  says 
Phillips.  “It’s  a  large  psychological  factor.”  Phillips’  research 
indicates  retention  rates  for  online  students  are  slightly 
-  though  not  significantly-  lower  than  those  in  on-campus 
programs. 


Secondly,  look  for  accreditation  by  the  regional  associa¬ 
tion  accrediting  schools  and  colleges  for  the  main  campus, 
as  well  as  any  other  accreditations,  such  as  those  for  busi¬ 
ness,  engineering  or  technology.  If  the  accreditation  isn’t 
from  a  group  belonging  to  the  Council  for  Higher  Educatior 
Accreditation  (chea.org),  you  may  want  to  reconsider. 
Then  find  out  how  much  you’ll  interact  with  faculty  and 
other  students.  You  may  need  access  to  a  satellite  link-up 
or  to  travel  to  campus.  Usually  students  in  an  online  class 
interact  via  bulletin  board  or  through  conference  calls.  Th( 
more  you  interact  with  students  and  faculty,  the  more  likel 
you’ll  stay  in  the  program. 

Financial  assistance  is  another  factor.  Not  all  online  pro¬ 
grams  qualify  for  low-interest  student  loans,  nor  do  all  cor 
porate  reimbursement  programs  apply.  Public  universities 
frequently  apply  in-state  tuition/out-of-state  tuition  rates 
just  as  they  would  for  resident  students.  Some,  however, 
have  a  single  distance-learning  tuition  structure.  In  terms  c 
cost,  compare  overall  tuition  costs,  the  value  of  a  national 
brand  name  degree,  and  the  cost  of  access  -  visits  to 
campus  or  satellite  links,  for  example. 

“We  haven’t  yet  seen  the  peak  in  enrollment  for  online 
degree  programs,”  predicts  Phillips.  “With  learning,  once  i 
not  enough.” 

IT  Careers 

For  information  on  recruitment  advertising, 

Please  contact:  Nancy  J.  Percival, 

Director,  Recruitment  Advertising, 
at  800-762-2977 
500  Old  Connecticut  Path 
Framingham,  MA  01701 
Produced  by  Carole  R.  Hedden 


Part-time  Education,  Full-time  Excellence 

Computer  Science  Programs 

Boston  University 


www.bu.edulmet  617-353 


Metropolitan  College's  undergraduate  and  graduate  degree  and  certificate 
programs  in  Computer  Science  provide  working  adults  with  the  technical  skills 
to  succeed  today  and  the  theoretical  knowledge  to  remain  competitive  for  life. 
Classes  are  designed  for  adults  with  and  without  prior  technical  training. 


BOSTON 

UNIVERSITY 


New!  Master's  degree  in  Computer  Science 
with  a  concentration  in  Security! 


METROPOLITAN  COLLEGE 


Boston  University  is  an  equal  opportunity/affirmative  action  educational  institution 
and  employer. 


e-lite  companies 
e-merging  companies 


e-ssential  companies 

e-normous  opportunities  TF  careers.com 


PLEASE  VISIT  US  AT 
VWVW.ITCAREERS.COM 
OR 

DIRECTLY  AT 
1-800-762-2977 


TAKE  CHARGE  OF  YOUR 

FUTURE! 


WITH  CAREER  TRAINING 


FROM 


GIBBS 


BUSINESS 

•  Executive  Assistant 

•  Office  Administration 

-  Medical 

-  Legal 

•  Corporate  Assistant 

•  Business  Administration 

-  Accounting 

-  Marketing 

•  Hospitality  Management 


TECHNICAL 

•  Computer  Technical  Support 

•  Computer  Network  Administrator 

•  Computer  Programming 


& 


At  GIBBS  COLLEGE ,  you  can  train  for  a  new  career  in: 

CRIMINAL  JUSTICE 
GRAPHIC  DESIGN 

•  Visual  Communications 

•  Illustration 


•  Telecommunications 


WEB  DESIGN 


WE’RE  OPEN  7  DAYS  A  WEEK!  CALL  TODAY! 

1.800.447.8100 


GIBBS  OFFERS: 

•  Day,  evening  and  weekend  classes 

•  Tuition  planning  assistance 

available  to  all  students 

•  Placement  assistance  for  graduates 


Gibbs  College 

33  Plymouth  Street 
Montclair,  NJ  07042 

www.gibbsmontclair.com 


Talent  is  the  fuel  of  the  new  economy. 

ITcareers  and  ITcareers.com  can  put  your  message  in 
front  of  2/3  of  all  US  IT  professionals.  If  you  want  to  make 
hires,  make  your  way  into  our  pages. 


Fill  up  with  ITcareers. 

Call  Nancy  Percival 
at 

1-800-762-2977 


Become  a  microsoft  Ulindouis  2000  Security  Expert. 

It's  easy.  Just  point,  dick  and  choose  the  format  that  works  best  for  you: 
•CD-ROm  •Web-Based  •Hands-On  •Uirtual  Classroom 

Uisit  lletSmart  today  at  uuuui.nuinetsmart.com 
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IT  CAREERS 


it  careers.com 


SYSTEMS  ANALYST 

Unrip'  general  direction  will  pro¬ 
vide  application  support  lor  a  ware¬ 
house  management  system  Will 
facilitate  and  perform  analysis, 
design  and  programming:  testing 
and  implement  systems  and  en¬ 
hancements:  work  across  prefects 
to  synchronize  project  plans  and 
deliverables  including  project  plan¬ 
ning.  project  management,  struc¬ 
tured  systems  development  life 
cyraes,  time  accounting,  systems 
documentation,  coding  and  testing 
standards,  quality  assurance  and 
change  control  and  configuration 
management;  develop  cost  analy¬ 
sis  estimates:  and,  perform  trou¬ 
bleshooting,  root-cause  analysis, 
solution  development  and  imple¬ 
mentation  of  large  and/or  multiple 
projects.  Expenence  working  with 
cross-functional  information  tech¬ 
nology  organizations  and  advanced 
knowledge  of  software  develop¬ 
ment  practice,  concepts,  technolo¬ 
gy  and  methodology  required 
Position  requires  minimum  of  a 
Bachelor's  degree  in  Computer 
Science,  Business  or  a  related  field 
and  two  (2)  years  experience  in 
field  of  information  technology 
related  to  an  Open  Systems  Appli¬ 
cations  Development  environment. 
Previous  experience  supporting 
warehouse  management  systems 
(Red  Prairie.  EXE,  Catalyst)  pre¬ 
ferred.  Position  located  in  Schaum¬ 
burg,  Illinois.  Fulltime,  M-F.  Salary 
$80, 496/year. 

Interested  applicants  may  submit 
their  resumes  to  www.conaara 
foods  com  click  on  "careers",  then 
“apply  now".  Note:  You  must  type  in 
the  following  code  of  C-CMIS254  in 
order  to  apply  for  this  position. 
Failure  to  correctly  enter  this  infor¬ 
mation  will  result  in  non-considera¬ 
tion  for  the  position.  You  may  also 
submit  your  resume  to  ConAgra 
Foods,  Inc..  Attn:  Judy  Mincey, 
Human  Resources  CC-256,  One 
ConAgra  Drive.  Omaha,  NE  68102. 


Senior  Software  Engineer: 
Responsible  for  designing, 
specifying,  coding  and  testing  of 
new  features  as  well  as  partici¬ 
pating  in  code  reviews  and 
design  discussions  for  additions 
to  HACMP  software  the  compa¬ 
ny  produces.  Duties  include: 
writing  functional  requirements: 
working  on  complex  technical 
designs  and  producing  design 
documents:  technical  mentoring 
of  junior  engineers,  reviewing 
functional  requirements  and 
design  documentation  of  less 
senior  engineers:  coding  and 
testing  own  features  and  com¬ 
ponents  of  other  features;  and 
fixing  most  defects.  Utilize 
knowledge  of  Unix  networking, 
Unix  Systems  Programming, 
Distributed  Systems  or  Avail¬ 
ability  Management.  Require¬ 
ments  include  a  Bachelor's 
degree  or  equivalent  in 
Computer  Science,  Electronics 
or  related  Engineering  field  with 
at  least  five  years  of  work  expe¬ 
rience  in  the  job  offered  or  relat¬ 
ed  field  of  software  engineering. 
Applicants  must  have  unrestrict¬ 
ed  authorization  to  work  in  the 
United  States.  Salary  $90,461/ 
year.  40  hours/wk.  Respond  with 
two  copies  of  resume  to  Case 
#200200827,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI.. 
Boston,  MA  02114 


KidSmart  Software  Co.  is  look¬ 
ing  for  programmer/system  ana¬ 
lysts  Qualified  candidates  must 
have  minimum  BS  Exp.  using 
PowerBuilder  7.0,  Data 
Architech  6.0,  Citrix  Server, 
Sybase  (ASA8.0),  MRS  is  plus. 
Good  salary  with  full  benefits 
Please  apply  at  jobs@kssc.com. 
EOE. 

Programmer  or  system  analysts 
wanted  by  RS  Systems 
Company  Ideal  applicants 
should  have  BS  with  experi¬ 
ence  Skills  in  following  areas 
preferred  Coldfusion,  Java, 
JavaScript,  DreamWeaver, 
HTML,  VBScript  Send  resume 
with  wage  request  to 
|obs@rssystems  com 


Software  Engineer  with 
Bachelor's  degree  in  Computer 
Science  and  two  years  experi¬ 
ence  in  development  using  NET 
framework,  Peoplesoft  8.0,  soft¬ 
ware  development  life  cycle 
under  CCM  level  5,  ISO  9002  . 
Send  resume  to:  International 
Computerware,  Inc.,  277  Main 
Street,  Marlborough,  MA  01752. 


Software  Engineers  -  Responsibil¬ 
ities  include  design,  development, 
testing  and  implementation  of 
multi-user,  real  time  applications 
using  COBOL,  CICS,  DB/2,  JCL, 
VSAM,  EASYPLUS  and  MVS  in  a 
mainframe  environment.  Perform 
detailed  business  analysis  and 
develop  efficient  and  flexible 
applications  in  batch  and  on-line 
modes.  2  Years  experience  on  the 
job  with  a  Master's  degree  or  5 
years  with  a  Bachelor's  degree  in 
Engineering/Science/Mathematic 
s  or  equivalent.  Salary:$89K/Year. 
Please  send  applications  to  705 
Mermaid  Dr  #308  Deerfield  Beach 
FL  33441  USA. 


Software  Engineer:  Dsgn  and 
dvlp  med.  s/ware  applns 
using  C++,  SQL  Svr,  MUMPS 
&  related  tools:  Install,  admn- 
str  &  maintain  network  sys; 
Database  admin;  Remote 
cust  support  thro  WAN;  Dsgn 
&  dvlp  CACHE  Database 
Sys.  Requires  BS  or  eqvlnt  in 
Comp  Eng  &  5  yrs  exp  in 
appln  dvlpmnt  and/or  sys 
admin  and/or  network  eng 
and  MCSE  for  Win  4.0.  Apply: 
Integrated  Informatics,  Inc, 
1805  Old  Alabama  Rd,  Ste 
320,  Roswell,  GA  30076. 
Email:  kaps@ii-i.com _ 


Consultant  sought  by  NYC 
Computer  Consulting  firm 
to  analyze  user  needs,  to 
dsgn,  dvlp  &  implmt  medi¬ 
um  to  large  scale  applies 
using  technologies  such  as 
Lotus  Notes/Domino,  Lotus 
Script,  C/C+  +  ,  SQL  & 
HTML.  Must  have  BS  in 
Comp  Sci  or  Engg,  Info 
Systems  Engg  or  related 
w/2  yrs  of  relevant  work 
exp.  Send  resume  to 
Gemini  Systems,  HR 
#CMG,  61  Broadway,  Ste 
925,  NY,  NY  10006. 


MphasiS-BFL  Ltd.  and  its  sub¬ 
sidiary  MphasiS  Corporation 
has  multiple  openings  for  the 
following  positions  at  its  office 
in  New  York  and  unanticipated 
client  sites  throughout  the 
U  S.  Programmer  Analyst, 
Software  Engineer,  Project 
Manager,  Management  Ana¬ 
lyst,  Sales  Engineer,  Business 
Development  Manager,  Fi¬ 
nance  Manager.  Please  send 
resume  and  salary  history  to: 
hr@mphasis.com  or  mail  to 
444  Park  Avenue  South,  Suite 
#503,  New  York.  NY  10016. 


Seeking  qualified  applicants  for 
the  following  positions  in 
Memphis/Collierville,  TN:  Sen- 
ioi _ Programmer _ Analyst. 

Formulate/define  functional  req¬ 
uirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor's  degr¬ 
ee*  in  computer  science,  MIS, 
engineering  or  related  field  plus 
5  years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  ClearBasic  pro¬ 
gramming  also  required. 
’Master's  degree  in  appropriate 
field  will  offset  2  years  of  general 
experience.  Submit  resumes  to 
Sibi  George.  FedEx  Corporate 
Services,  1900  Summit  Tower 
Blvd.,  Suite  1400,  Orlando,  FL 
32810.  EOE  M/F/D/V. 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis/ 
Collierville,  TN:  Senior  Programmer 
Analyst.  Formulate/define  function¬ 
al  requirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor's  degree* 
in  computer  science,  MIS,  engi¬ 
neering  or  related  field  plus  5  years 
of  experience  in  systems/applica¬ 
tions  development.  Experience 
with  Oracle  and  UNIX  Scripting 
also  required.  'Master's  degree  in 
appropriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Sibi  George,  FedEx 
Corporate  Services,  1900  Summit 
Tower  Blvd.,  Suite  1400,  Orlando, 
FL  32810.  EOE  M/F/D/V. 


COMPUTER  SYSTEMS 
ENGINEER  wanted  by 
hardware  &  systems  sup¬ 
port  Co.  in  Houston,  TX. 
Must  have  B.S.  in  Comp. 
Engineering  (or  Electronic 
&  Comp.  Engineering) 
plus  exp.  Respond  by 
resume  only  to:  Mr.  S.  Ye 
ID-Melody  Computers, 
Inc.  5800  Ranchester,  Ste 
160,  Houston,  TX  77036. 


Programmer  Analyst,  Wilmington, 
DE.  Bachelors  in  Comp,  or 
Electronics  or  MIS  +  one  year 
exp.  in  design,  develop  and 
implement  net  enabled  applica¬ 
tions  utilizing  Java,  HTML,  XML, 
Java/RMI,  CORBA,  EJB,  C, 
SQL,  and  PL/SQL  and  do  OOP 
using  C++  and  C  #  for  Windows 
95/98/NT  &  Unix:  design  GUI 
using  VB.  Visual  Age  for  Java  and 
Developer  2000;  design  &  devel¬ 
op  RDMBS  using  Oracle,  SQL 
Server,  MS  Access,  DB2  and 
generate  reports  using  JDBC. 
Forms  5.0,  Reports  2.5.  Respond 
to  HR  Dept,  Neotech  Solutions 
Inc.,  1170  Broadway,  Suite  314, 
New  York,  NY  10001. 


System  and  network  administra¬ 
tor  wanted  by  Printing  Industries 
of  Michigan  Service  Corp. 
Duties  include  system  &  network 
administration,  install  &  config¬ 
ure  servers,  user  support.  Must 
have  BS  or  equivalent  with 
CCNA,  MCP,  MCSE.  Please 
apply  at  nick@pnnt.org.  EOE. 

Comp  Consults  is  looking  for 
programmer/system  analysts, 
engineers  or  IT  consultants.  Our 
minimum  requirement  is  BS  plus 
some  experience  in  following 
area:  Oracle,  Unix,  C/C++,  VB. 
Java,  J2EE.  EJB,  XML. 
XSL/XSLT.  Please  send 
resumes  to  immg@compcon- 
sults.com.  EOE 


Exp'ed  Prog/Sys  Analysts.  DBAs. 
Syst  Admins.  S/W  Engineers 
required  for  branch  locations  in 
Elgin.  IL.  Lower  Gwynedd.  PA  and 
Cherry  Hill,  NJ.  Skill  sets  C.  C++. 
Java,  Wireless,  HTML  on  UNIX/ 
Windows;  VB,  VC++,  PB;  Oracle, 
PL/SQL,  Pro*C;  VLSI/ASIC  de¬ 
sign,  VHDL,  C,  C++,  Shell  scripts; 
UNIX.  Windows  Sys.  Admin;  CO¬ 
BOL,  CICS,  DB2  Require  BS/MS 
in  CS/Engg(any  branch)/Math/ 
Business/Science  (or  its  foreign 
equiv  and/or  equiv.  in  edu  &  exp.) 
and  relevant  exp.  Travel  required. 
High  salaries.  Resumes  to:  HR. 
Fourth  Technologies,  585  Tollgate 
Road  Suite  I.  Elgin,  IL  60123. 
Indicate  on  resume  the  branch 
office  you  are  applying  for. 


Innovision  Technologies,  a 
dynamic  company,  is  looking  for 
system  analysts,  IT  profession¬ 
als  and  software/project  engi¬ 
neers.  BS  plus  some  experi¬ 
ence  is  required.  We  offer  attrac¬ 
tive  wage  with  full  benefits,  401k 
and  job  is  stable.  Please  send 
resumes  to 

iti@innovisiontech.com  EOE 

Synergy  has  openings  for  IT 
professionals  or  engineers. 
Qualified  applicants  must  have 
BS/MS  with  some  experience. 
Strong  background  in  TCP/IP 
Suite,  Unix,  DB2,  Oracle,  VB, 
SQL,  IIS,  Window  NT  and  XML 
is  plus.  Send  resumes  to 
hr@synergycom.com.  Travel  is 
required.  EOE 


Sr.  Programmer  Analysts  -  Job 
Entails  and  requires  experience 
in  design  and  development  of 
applications  using  BAAN,  Triton, 
SAP,  Siebel,  WinRunner  and 
SEI-CMM.  Software  Engineers- 
Job  entails  and  requires  experi¬ 
ence  in  design  and  development 
of  applications  using  Oracle 
Applications  (GL,  OM,  OE.  PO 
and  INV),  Oracle,  VB  and  Unix. 
Job  Location:  Dublin.  OH. 
Relocation  within  USA  Possible. 
Attractive  compensation  pack¬ 
age.  Send  resume  to  Priya 
Venkat,  Technology  Software 
Inc.,  5708  Clearfield  Lane, 
Dublin,  OH  43016. 
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Exec  Search,  Inc.  a  technology¬ 
consulting  firm  has  job  openings 
both  locally  &  around  the  coun¬ 
try  for  Programmer  Analysts. 
Database  Administrators,  & 
Software  Engineers  w/exp  in 
one  or  more  (depending  on 
need)  of  following  skills: 
WebMethods  Integration  Server, 
WebMethods  Trading  Networks, 
WebMethods  Enterprise  Server, 
IBM  MQSeries,  IBM  Assembler, 
IBM  WebSphere.  Mainframes. 
CICS,  DB2,  COBOL.  Unix,  Sun 
Solaris,  Win,  C/C++,  Visual  C++, 
VB,  Power  Builder.  Dsgnr  2000, 
Dvlpr  2000,  Oracle,  Oracle 
Applic,  SQL  Server,  MS  Access. 
SQL.  SQL  Plus,  PL/SQL,  Data 
warehousing  Tools.  HTML. 
DHTML.  XML.  TCP/IP.  Perl, 
JSP,  Weblogic,  Java,  Java 
Script.  VB  Script,  ASP,  Clarify. 
Documentum,  CoreDossierX, 
Rational  Rose.  Testing  tools  & 
QA  methodologies.  Some  pos 
req  Bach  others  Master’s  in 
Comp  Sci  or  related  field,  or  its 
equiv  as  well  as  relevant  IT  exp. 
Relocation  may  be  necessary 
depending  on  particular  employ¬ 
ment  pos.  Send  resume  to  Exec 
Search,  Inc.,  C/O  ISS,  1300 
Bent  Creek  Blvd,  Ste.  200. 
Mechanicsburg,  PA  17050 


Sr.  Applications  Systems 
Analyst  (Indianapolis,  IN)  - 
Design,  dev.,  create,  procure, 
code,  test,  implement,  install  & 
maintain  computer  software  sys¬ 
tems.  Apply  principles  &  tech¬ 
niques  of  comp,  sci.,  engg., 
investigation,  planning  &  analy¬ 
sis,  to  determine  software 
requirements  &  feasibility  of 
design  w/in  time  &  costs  con¬ 
straints.  Handle  RenCS, 
Gembase  &  Oracle  DB  admin. 
Interact  w/  customers  to  evalu¬ 
ate  business  processes,  inter¬ 
face  btwn  software  &  hardware, 
data  processing  &  information 
requirements,  &  system 
resources.  Research  &  recom¬ 
mend  data  communications 
solutions.  Formulate  &  design 
software  systems,  applications, 
programs,  &  architecture.  Utilize 
SQL,  Unix,  &  Oracle.  B.Sc.  in 
Comp.  Sci.,  IT,  Math,  or  Eng'g  & 
3  yrs  exp.  in  position  offered  or 
as  DBA,  Syst  Analyst,  or  SW 
Eng'r.  40  hrs/wk  9  to  6,  M-F. 
EOE.  Send  resume  &  cvr.  Itr.  to: 
Attn:  Global  Business  Systems, 
Alcoa  CSI,  6625  Network  Way, 
Ste  200,  Indianapolis,  IN  46278. 


Business  Systems  Analyst  to  ana¬ 
lyze,  develop  integrated  comp  sys¬ 
tems  for  hospitality  supply  industry 
using  SAP;  interact  with  cus¬ 
tomers/industry  partners;  identify 
/implement  SAP  Functional/System 
enhancements  to  improve  system 
efficiency;  provide  functional  exper¬ 
tise  to  assure  data  integrity  be¬ 
tween  integrated  software  appls; 
provide  SAP  training  to  current/new 
staff  Require:  B.S.  or  foreign  equiv. 
in  CS/Bus  Admin  with  2  yrs  exp  in 
SAP  systems.  In  lieu  of  BS.  3  yrs  of 
academic  studies  in  one  of  the 
above  plus  1  yr  of  work  exp  in  SAP 
systems  will  be  accepted.  High 
salary  Responses  to:  Three  R 
Hotel  Group,  1300,  319  E.  Bypass 
N.  Moultrie.  GA  31788. 


Jr.  Consultant  sought  by  NYC 
Computer  Consulting  firm  to 
analyze  user  needs,  to  dsgn, 
dvlp  &  implmt  medium  to 
large  scale  applies  using  tech¬ 
nologies  such  as  Crystal 
Reports,  VB,  VB  Script.  MS 
Access.  MS  SQL  Server, 
Sybase  Adaptive  Server,  MS 
Win  95/NT.  Must  have  MS  in 
Comp  Sci  or  Engg,  Info 
Systems  Engg  or  related  w/1 
yr  relevant  work  exp.  Send 
resume  to  Gemini  Systems, 
HR  #JCDH,  61  Broadway,  Ste 
925,  NY,  NY  10006. 


Senior  Staff  Engineer  (Denver, 
CO)  -  Serve  as  a  tech  consultant 
to  eng  management  in  telecom 
transmission  eng  using  knowl¬ 
edge  of  design  concepts  for  tele¬ 
com  networks;  system  design 
principles  for  long-distance  links; 
digital  trans  systems;  fiber  optic 
cables/associated  propagation 
techniques;  trans  eng  design  for 
fiber  optic  systems;  networking 
principles;  telecom  traffic  eng;  & 
SONET  systems.  Provide 
advanced  tech  leadership  in 
design,  analysis  &  problem  solv¬ 
ing  efforts  to  special  design 
team,  tech  review  team,  or  prob¬ 
lem  resolution  team.  Work  inde¬ 
pendently  &  exercise  consider¬ 
able  latitude  in  defining  &  pursu¬ 
ing  special  advanced  telecom 
eng  projects.  Initiate  &  execute 
advanced  research  &  develop¬ 
ment  activities.  BS  EE,  Systems 
Eng,  or  related  +  5  yrs  related 
exp  +  working/theoretical  knowl¬ 
edge  of:  Design  concepts  for 
telecom  networks;  System 
design  principles  for  long-dis¬ 
tance  links;  Digital  trans  sys¬ 
tems;  Fiber  optic  cables/associ¬ 
ated  propagation  techniques; 
Trans  eng  design  for  fiber  optic 
systems;  Networking  principles; 
Telecom  traffic  eng;  &  SONET 
systems.  $82,949/yr.  M-F.  40 
hrs/wk  Must  have  proof  of  legal 
authority  to  work  permanently  in 
the  U.S.  Application  by  resume 
only  to:  EMPLOYMENT  PRO¬ 
GRAMS,  PO  BOX  46547,  DEN¬ 
VER,  CO  80202  &  refer  to 
order#CO504 1851 


Programmer  Analyst.  Sought  by 
Englewood  Colorado  consulting 
company  to  work  in  various  unan¬ 
ticipated  locations  throughout  the 
U.S.  Under  direct  supervision,  ana¬ 
lyze,  plan,  develop,  test  and  docu¬ 
ment  computer  programs  including 
business  and  web  applications  and 
network  communication  programs. 
Evaluate  user  requests  and  soft¬ 
ware  program  requirements  for 
new  and  modified  programs.  Write 
specifications,  code,  test  and  de¬ 
bug  computer  programs.  Use  of 
Oracle,  Java,  JavaScript,  MQ 
Series.  JSP.  EJB.  J2EE.  WebLogic. 
UNIX,  Servlets  and  Windows  NT. 
Reqs.  Bachelors  or  equivalent  in 
Computer  Science  or  related  deg¬ 
ree.  Plus  1  year  in  the  job  offered  or 
1  year  in  a  related  occupation 
including  Systems  Analyst  or  Web 
Developer  or  related  experience. 
Will  accept  3  years  of  college  edu¬ 
cation  and  3  years  experience  in 
lieu  of  required  education  and 
experience.  $63,000/year,  40/hrs/ 
wk.  9AM-5PM  Respond  by  resume 
to  EMPLOYMENT  PROGRAMS. 
PO  Box  46547.  Denver.  CO  80202. 
and  refer  to  Job  Order  No. 
CO5042383. 


SENIOR  PROGRAMMER/ 
ANALYSTS 

MARA  CONSULTING,  INC.,  a 
California-based  Corporation,  has 
immediate  openings  for  Senior 
Programmer/Analysts  with  at  least 
five  years'  experience  in  Natural/ 
ADABAS/Programming  who  have 
worked  on  IBM  mainframe  plat¬ 
forms  utilizing  MVS/XA  ESA  and 
OS/390  Operating  Systems.  Appli¬ 
cants  must  also  have  at  least  four 
years  of  formal  academic  training  in 
computer  data  processing,  Compu¬ 
ter  Science  or  a  related  field  culmi¬ 
nating  in  government  diplomas  or  a 
Bachelor’s  Degree.  Must  be  willing 
to  travel  from  the  Sacramento, 
California  area  to  temporary  work 
sites  throughout  the  United  States 
to  be  paid,  at  least,  the  prevailing 
wage  in  that  area.  Employees  will 
remain  employed  by  MARA  CON¬ 
SULTING,  INC.,  fwww.maracon 
sulting.com)  with  continuing  bene¬ 
fits.  Send  your  resume  with  current 
address  and  telephone  number  to 
MARA  CONSULTING.  INC.,  8577 
Almond  Bluff  Court,  Orangevale. 
CA  95662  or  email  to 
maracons@Dacbell.net.  EOE 


Avon,  a  world  leader  in  the 
health  and  beauty  products 
industry  is  seeking  a  Technical 
Manager,  Webmaster  at  its 
headquarters  in  NYC.  The 
Technical  Manager,  Webmaster 
migrates  all  the  existing  sites  to 
Interwoven  Teamsite  Server. 
Develops  and  designs  tem¬ 
plates.  Data  capture  forms  and 
workflows.  Designs  and  devel¬ 
ops  internet  and  intranet  web¬ 
sites  for  the  company  utilizing 
technologies  such  as  CGI  script¬ 
ing  in  PERL,  JavaScript/ 
VPScript,  JAVA  ASP,  Cold 
Fusion  web  development  tools, 
Flash.  Photoshop.  UNIX.  NT 
Teamsite  server  administration. 
Develops  a  Content  Submission 
System.  Provides  local  technical 
support  to  the  web  content 
team.  Performs  server  side 
management  of  Teamsite  serv¬ 
er. 

Must  have  a  Bachelor's  or  for¬ 
eign  equivalent  degree  in 
Computer  Science  or  Engin¬ 
eering  and  2  years  experience. 
The  required  experience  must 
include:  (i)  2  years  in  Web  site 
development  in  Interwoven 
Teamsite  Server;  Web 
Development  and  Web  develop¬ 
ment  tools;  HTML,  ASP,  Java, 
JavaScript,  XML,  VB  Script,  CGI 
Programming  -  PERL,  C++;  and 
(ii)  1.5  years  in  SQL  Server,  MS 
Access,  Photoshop,  and  Flash. 

Please  send  resume  to:  Attn: 
HR  Specialist,  Avon  Products, 
Inc.,  1345  Avenue  of  the 
Americas,  New  York,  NY  10105. 
Fax:  (212)  282-6149.  E-mail: 
jobs6@avon.com 


Software  Developer,  Internet 
Applications  wanted  to  develop  & 
maintain  customer-centric  internet 
applications  that  maintain  &  en¬ 
hance  company's  leadership  posi¬ 
tion;  develop  &  deploy  eCRM  plat¬ 
form  to  customize  &  automate 
business  transactions  with  con¬ 
stituents  using  Delano  for  encap¬ 
sulating  business  logic  such  as 
survey  forms/questionnaires,  e- 
mail  attachments,  newsletters  & 
periodic  updates;  use  T-SQL  to 
extract  data  from  SQL  Server 
database;  implement  eCRM  pilot 
projects  consistent  w/  strategic  ini¬ 
tiatives,  using  state-of-the-art 
tech,  such  as  XML,  ASP,  Perl, 
Lotus  Notes/Domino,  &  OCR  for 
Forms,  provide  support  from  Tech. 
Services  to  Marketing  &  other 
business  units  for  customer- 
focused  technology  products  & 
services;  support  Tech.  Services 
in  adapting,  modifying,  &  /or 
replacing  existing  technologies  to 
create  &  maintain  comprehensive 
integrated  user  services.  Must 
have  Bach.  deg.  in  Comp.  Sci.  or 
related  field,  &  2  yrs.  exper.  in 
Internet  &  relational  database 
design,  development  &  production 
in  a  realtime  production  environ, 
w/  reporting  &  data  analytical 
skills,  incl.  exper.  in  developing 
with  HTML,  XML  &  ASP,  Lotus 
Notes/Domino,  Delano  &  script¬ 
ing  in  OCR  for  Forms.  Salary 
$68,000/yr.  Send  2  resumes  to 
Case#200201 292,  Labor  Ex¬ 
change  Office,  19  Staniford  St.,  st 
FI.,  Boston,  MA  02114. 


Programmer/Analyst:  Dev 
sports  related  websites. 
Understand/define  client 
req.;  design,  dev, 
test/implement  solutions, 
use  Visual  Basic/other 
programming  technolo¬ 
gies.  Dev  reusable  object 
library.  Req:  3  yrs  exp.  9a- 
5p.  Resume:  E.  Derechio, 
TWI  Interactive,  20  Guest 
St.,  #400,  Brighton,  MA 
02135. 


Lead  Software  Release 
Engineer:  Responsible  for  all 
aspects  of  the  planning,  design 
and  development  of  support 
software  product  lines.  Duties 
include  building  and  leading  pro¬ 
ject  teams  in  development  activ¬ 
ities  for  high  quality  software, 
meeting  tight  market  deadlines. 
Ensures  development  of  soft¬ 
ware  requirements  and  specifi¬ 
cations.  Works  in  C/C++,  UNIX 
Wind  River  Systems  support 
systems.  Reviews,  evaluates 
and  approves  software  project 
technical  proposals,  methods, 
and  schedules.  Manages  techni¬ 
cal  staff  to  achieve  design  objec¬ 
tives.  Monitors  progress  on  pro¬ 
jects  to  ensure  fulfillment  of 
product  scheduling  objectives. 
Works  with  Module  Deve¬ 
lopment  to  integrate  software 
and  hardware  compatibility 
issues.  Participates  in  TQM 
activities,  including  responsibili¬ 
ties  designed  for  the  company 
Quality  System  and  ISO  9000, 
oriented  at  continuous  process 
improvement  in  Software 
Engineering  as  well  as  in  overall 
product  development.  Require¬ 
ments  include  a  Bachelor's 
degree  or  equivalent  in 
Computer  Science,  and 
Engineering  discipline  or  related 
field  and  three  years  of  experi¬ 
ence  in  the  job  offered  or  related 
field  of  system  software  product 
development.  Applicants  must 
have  unrestricted  authorization 
to  work  in  the  United  States. 
Salary  $89, 257-$1 00,000/year. 
40  hours/wk.  "Respond  with  two 
copies  of  resume  to  Case 
#200200420,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI., 
Boston,  MA  02114. 


PRINCIPAL  SOFTWARE  ENGI¬ 
NEER.  Design,  implementation, 
testing  and  maintenance  of  soft¬ 
ware  components  and  subsys¬ 
tems  which  are  incorporated  into 
one  or  more  company  software 
products;  utilize  contemporary 
techniques  and  tools  including 
Visual  C++,  Microsoft  Foun¬ 
dation  Classes  and  Various 
Microsoft  Windows  multimedia 
APIs  to  develop  software;  works 
with  product  features  relating  to 
visual  display  and  synchroniza¬ 
tion,  user  interface,  utilization  of 
DirectX  filtergraphs,  and  audio 
recording  and  playback  "engine', 
duties  include  project  manage¬ 
ment  and  design  utilizing  knowl¬ 
edge  of  Windows  system  inter¬ 
nals  and  digital  signal  process¬ 
ing  (DSP).  Requires  B.S.  or 
equivalent  in  Computer  Science, 
Mathematics,  Electrical  Engin¬ 
eering  or  Physics  plus  5  years 
exp.  in  job  offered  or  5  years 
directly  related  experience 
including  image  processing  and 
audio/music.  Rate  of  Pay: 
$1 10,000/year.  Hours:  40/week- 
9  am  to  5pm.  Reply  by  resume 
only  (2  copies)  to  Case 
#200201326,  Labor  Exchange 
Office,  19  Staniford  Street,  1st 
Floor,  Boston,  MA  02114. 


VP  -  Solution  Engineering  & 
Consulting.  Lead  a  group  of 
Engineers  responsible  for  devel¬ 
oping  and  deploying  Real  Time 
Locating  System  (RTLS)  solu¬ 
tions.  Requirements  and  duties 
to  include:  Managing  the  devel¬ 
opment  and  deployment  of  new 
applications.  Directing  complex 
projects  requiring  system  inte¬ 
gration,  hardware  engineering 
and  software  development. 
Manage  product  complexity  and 
versioning  control.  Integrate 
wireless  networking  S/W  & 
Radio  Frequency  (RF)  hardware 
devices.  Degree  in  Computer 
Science/Engineering  and  exten¬ 
sive  experience  req'd.  Job  loca¬ 
tion  is  at  Newton,  MA.  Send 
resume  to  Thomas  Bacon. 
WhereNet  Corporation,  5920  St. 
Clair  Highway,  China,  Michigan 
48054. 


SENIOR  SYSTEMS  ANALYST 

The  Senior  Systems  Analyst  SAP 
Business  Warehouse  Reporting 
position  has  primary  responsibility 
for  maintaining  and  supporting  the 
ConAgra  SAP  Business  Ware¬ 
house  Reporting  Tools.  This  will 
include  providing  consultative  ser¬ 
vices  and  implementing  reporting 
solutions  for  the  SAP  ConAgra 
Operating  Units,  and  providing  cus¬ 
tomer  training  and  support  for  the 
reporting  tools.  At  the  direction  of 
the  Manager  for  Enterprise  Data 
Warehouse  and  Reporting,  the 
incumbent  will  work  with  the  Data 
Warehouse  Team.  Operating  Units 
and  business  constituents  to  suc¬ 
cessfully  deliver  Enterprise  Data 
Warehouse  projects  for  the  applica¬ 
tion  of  information  technology.  Will 
conduct  the  design,  development, 
implementation  and  support  efforts 
of  the  SAP  Business  Warehouse 
Reporting  applications;  perform 
execution  of  systems  maintenance, 
enhancement  and  production  sup¬ 
port  to  ensure  that  service  level 
expectations  for  functionality,  per¬ 
formance,  security  and  control  are 
fulfilled;  ensure  that  methodologies, 
architectures  and  standards  for 
systems  development  are  used  in 
the  areas  of  structure  systems 
development  life  cycle,  time  ac¬ 
counting.  systems  documentation, 
development  architectures,  coding 
and  testing  standards,  quality 
assurance  and  change  control,  and 
configuration  management.  Posi¬ 
tion  requires  minimum  of  a  Bachel¬ 
or's  degree  in  Computer  Science, 
Business  or  a  related  field  and  four 
(4)  years  experience  in  a  position 
that  involves  implementation  of 
complex  systems  projects.  Position 
fulltime,  M-F.  Salary  $75, 000/year 
Job  is  located  in  Omaha.  Nebraska 

Interested  applicants  may  submit 
their  resumes  to  www.conaqra 
foods.com.  click  on  “careers",  then 
“apply  now”.  Note:  You  must  type 
in  the  following  code  of  C-CMIS253 
in  the  box  labeled  “In  what  job  are 
you  interested"  in  order  to  apply  for 
this  position.  Failure  to  correctly 
enter  this  information  will  result  in 
non-consideration  for  the  position. 
You  may  also  submit  your  resume 
to  ConAgra  Foods,  Inc.,  Attn:  Judy 
Mincey,  Human  Resources  CC- 
255,  One  ConAgra  Drive,  Omaha, 
NE  68102. 


SYSTEMS  ANALYST  II  & 
ANALYST,  LEAD 
WEB  SYSTEMS  IT 

ADT  Security  Services,  Inc.,  has 
immediate  openings  in  its  Aurora, 
Colorado  and  Boca  Raton,  Florida 
offices  for  experienced  Systems 
Analysts. 

Must  possess  at  least  a  bachelor's 
in  Computer  Science  or  a  related 
field  and  relevant  work  experience 
with  Oracle  Applications,  Oracle 
Databases,  Oracle  Tools  and  PL/ 
SQL  for  Aurora  opportunity  or  rele¬ 
vant  supervisory/lead  expenence 
with  small  teams  and  web  devel¬ 
opment  experience,  including  Cold 
Fusion,  J2EE  technologies  and 
Electronic  Data  Interchange  (EDI) 
for  Boca  Raton  opportunity. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above 
and  specify  reference  code  SAHM 
/ALPS  or  it  will  be  rejected. 

Forward  resume  to  Theresa  Maia, 
ADT,  One  Town  Center  Road, 
Boca  Raton,  FL  33486-1010. 


Business  and  Quality  Assurance 
Analyst  (BA/QA)  needed  to  take 
part  in  defining  Visibility's  testing 
process  and  protocols,  develop  test 
scripts  with  the  BA/QA  Team,  exe¬ 
cute  testing  plans  using  manual, 
automated,  and  performance  test 
scripts.  The  BA/QA  will  also  work 
with  Application  Developers  and  the 
Product  Team  to  ensure  test  scripts 
accurately  test  against  require¬ 
ments.  user  interface  design,  and 
user  acceptance,  identify  &  resolve 
application  issues  with  application 
developers  and  assist  the  technolo¬ 
gy  infrastructure  team  in  testing 
scalability,  security,  etc.  Ideal  candi¬ 
date  must  have  Masters  in  Comput¬ 
er  or  related  field,  a  BS  in  Engineer¬ 
ing  or  Computer  related  field.  Must 
have  knowledge  of  SQL,  ASP, 
Visual  Basic.  HTML,  JavaScript,  MS 
Visio  and  MS  Project.  This  is  a  full 
time  position,  from  9a.m.  to  5p.m 
Please  fax  or  send  resume  to  Shan 
Gerencher  at  (312)  577-0789, 
Visibility,  Inc.,  225  N.  Michigan, 
Suite  1600,  Chicago,  IL  60601. 


PRINCIPAL  SOFTWARE  ENGI¬ 
NEER.  Duties  include  PSE 
responsible  for  applying  SW 
engineering  principles,  process¬ 
es,  theories  and  concepts  on 
multiple  platforms,  operating 
systems  and  computer  architec¬ 
tures  to  develop  highly  complex 
computer  SW  solutions  for  busi¬ 
ness  applications.  As  technical 
and  team  lead  for  development 
groups,  PSE  will:  assess, 
design,  and  document  detailed 
functional  specifications  and 
requirements;  and  implement, 
test  and  debug  highly  complex 
modules.  Duties  include:  deter¬ 
mine  technical  requirements  for 
project;  assess  and  implement 
metric  measures;  perform 
cost/benefit  analysis  at  project 
or  cross-platform  level;  develop 
multi-thread  network  applica¬ 
tions  and  services  using  C  and 
C++;  development  of  drivers; 
and  implement  security  proto¬ 
cols.  Effectively  communicate 
with  team  members,  manage¬ 
ment  and  clients  on  project 
progress,  modifications  and 
solutions.  Min.  Reqs.:  MS  (for¬ 
eign  equivalent  accepted)  in  CS, 
EE  or  related  plus  2  yrs  exp.  in 
the  job  offered  or  in  a  related 
occup.  performing  SW  engineer¬ 
ing,  design  or  development  OR 
in  the  alternative  BS/BA  plus  5 
yrs  progressive  exp.  in  job 
offered  or  in  related  occup.  per¬ 
forming  SW  engineering,  design 
or  development  PLUS,  all  candi¬ 
dates  must  possess  demonstrat¬ 
ed  knowledge  and  work  experi¬ 
ence  with:  (1)  SW  development 
of  multi-threaded  network  appli¬ 
cations  and  services  using  C 
and  C++;  (2)  Manipulation  of 
device  drivers  or  virtual  drivers; 
and  (3)  Implementation  of  secu¬ 
rity  protocols  (e.g.,  IPSec,  TLS, 
Radius).  Basic  pay  os  $88,000 
per  year  FT  and  standard  com¬ 
pany  benefits.  EEO.  Submit  2 
resumes  and  respond  to  Case 
No.  2002  00696,  Labor 

Exchange  Office,  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114. 


Junior  Programmer  (North  Palm 
Beach,  FL):  Write  and  fix  system 
software  in  PERL,  HTML  and 
JAVASCRIPT  in  a  Unix 
Environment.  Program  Perl 
Modules/APIs  utilizing  ODBC/ 
DBI  utilities.  Produce  system 
documentation  for  new  prod¬ 
ucts.  Technical  support  for  web¬ 
site  and  performance  degrada¬ 
tion.  Troubleshoot  reservations 
systems,  including  writing  code. 
Utilize  knowledge  of  Apache 
running  Raven  and  Modperl, 
XML.  Perl.  Perl  ODBC/DBI, 
HTML,  Javascript,  Window  NT 
and  Windows  2000.  Unix, 
PVCS,  Sabre  and  Pegasus. 
Minimum  of  Bachelor’s  degree 
in  Computer  Information 
Systems;  and  6-month  experi¬ 
ence  in  job  offered  or  6-month 
experience  as  a  Technical 
Support  Assistant.  40  hour/ 
week;  9  a.m.  -  5:30  p.m.; 
$46, 000/year.  Please  send  two 
resumes  to:  Jean  Wroblewski, 
President,  WorldChoice- 
Travel.com,  Inc.,  11300  U.S. 
Highway  1,  Suite  300,  North 
Palm  Beach,  FL  33408. 


Full  time  position  to  work  as 
System  Engineer,  Requires  knowl¬ 
edge  and  technical  background 
coupled  with  broad  functional 
knowledge  in  Supervisory  Control 
and  Data  Acquisition  (SCADA)  sys¬ 
tems.  Primary  requirement  is  ex¬ 
pertise  and  strong  skill  set  in  C. 
C++,  shell  scripting,  network  pro¬ 
gramming,  Pro  *C,  PL/SQL.  Oracle 
Database  and  Unix  system  admin¬ 
istration  with  dbx,  gdb,  clearcase. 
CVS,  RCS  preferably  on  DEC 
Tru64  Unix.  Industrial  automation 
programming  experience  with 
RTU’s,  PLC's  &  at  least  one  GUI 
SCADA  software  package  such  as 
Osker.  Intellution  FIX32,  ONSITE 
9.x  is  required  on  Windows  XP. 
Developer2000.  SAMMI.  TOAD  is 
desirable  Requires  Master  of  Sci¬ 
ence  degree  in  Computer  Engin¬ 
eering  or  equivalent  and  1  year  of 
experience  in  the  job  offered. 
Applicants  should  send  resume  to 
Pyramid  Consulting  Inc.  8665 
Providence  Drive.  Noblesville.  IN 
46060. 
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New  York/ltew  Jersey 

Tom  Davis.  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rocco  Regional  Sales  Manager 
Agata  Joseph.  Sales  Associate 
Internet:  tdavis.  elisas,  aioseph@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 


Northeast 

Donna  Pomponi,  Regional  Sales  Manager 
Caitlin  Horgan.  Sales  Assistant 
Internet:  d pomponi,  chorgan@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 


Mid-Atlantic 

Jacqui  DiBianca.  Regional  Sales  Manager 
Marta  Hagan,  Sales  Assistant 
Internet:  jdibian,  mhagan@nww.com 
(610)  971-1530-FAX  (610)  975-0837 


Midwest/Central 

Enc  Danetz,  Regional  Sales  Manager 
Agata  Joseph,  Sales  Associate 
Internet:  edanetz,  ajoseph@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 


Northern  California 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 

Karen  Wilde,  Regional  Sales  Manager 

Miles  Dennison,  Regional  Sales  Manager 

Maricar  Lagura,  Office  Manager/Sales  Assistant 

Teri  Lowe,  Sales  Assistant 

Internet:  skupiec,  kwilde.  mdennison,  mlagura, 

tlowe@nww.com 

(650)  577-2700/FAX:  (650)  341-6183  

Northwest 

Lara  Greenberg,  Regional  Sales  Manager 
Teri  Lowe.  Sales  Assistant 
Internet:  Igreenberg,  tlowe@nww.com 
(650)  577-2700/FAX:  (650)  341-6183 

Southwest/Rockies 

Becky  Bogart  Randell,  Senior  District  Manager 
Angela  Norton,  Sales  Assistant 
Internet:  brandell,  anorton@nww.com 
(949)  250-3006/FAX:  (949)  833-2857 _ 


Southeast 

Don  Seay,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dseay,  chorgan@nww.com 
(404)  845-2886/FAX:  (404)  250-1646 


Customer  Access  Group 

Tom  Davis,  Assoc.  Publisher  Eastern  Region/General 

Manager,  Customer  Access  Group 

Shaun  Budka,  Director,  Customer  Access  Group 

Kate  Zinn,  Sales  Manager,  Eastern  Region 

Sean  Weglage,  Sales  Manager,  Western  Region 

Sharon  Stearns,  Manager,  Client  Services 

Caitlin  Horgan,  Sales  Assistant 

Internet:  tdavis,  sbudka,  kzinn,  sweglege,  ssteams, 

chorgan@nww.com 

(508)  460-3333/FAX:  (508)  460-1237 _ 


EvileeThibeault,  CEO/Publisher 

John  Gallant,  President/Editorial  Director 

Eleni  Brisbois,  Administrative  Planning  Manager 

FINANCE 

Mary  Fanning,  Vice  President  Finance 

Paul  Mercer,  Finance  Manager 

Betty  Amaro- White,  Event  Finance  Manager 

HUMAN  RESOURCES 

Elizabeth  Price,  Director  of  Human  Resources 
Eric  Cormier,  Human  Resources  Representative 

MARKETING 

TerryAnn  Croci,  Senior  Director  of  Marketing 
Barbara  Sullivan,  Senior  Research  Analyst 
Judy  Schultz,  Senior  Marketing  Designer 
Cindy  Panzera,  Graphic  Specialist 

GLOBAL  PRODUCT  SUPPORT  CENTER 

Nancy  Sarlan-Parquette,  Sr.  Product  Marketing  Manager 

PRODUCTION  SERVICES 

Greg  Morgan,  Senior  Director,  Production  Services 
Karen  Wallace,  Senior  Director,  Advertising  Operations 
Scott  Delugan,  Senior  Production  Coordinator 
JamiThompson, Traffic  Coordinator 
VeronicaTrotto,  Advertising  Coordinator 
Maro  Eremyan,  Advertising  Coordinator 
CIRCULATION 

Richard  Priante,  Senior  Director  of  Circulation 
Bobbie  Cruse,  Subscriptions  Manager 
Mary  Mclntire,  Circulation  Marketing  Manager 

RESEARCH 

Ann  MacKay,  Research  Director 

DISTRIBUTION 

BobWescott,  Distribution  Manager/(508)  879-0700 

IDG  LIST  RENTAL  SERVICES 

Paul  Capone,  Account  Executive 

P.O.  Box  9151,  Framingham,  MA  01701-9151 

(800)  343-6474/(508)  370-0825,  FAX:(508)  370-0020 

SEMINARS.  EVENTS  AND  IDG  EXECUTIVE  FORUMS 

Robin  Azar,  Vice  President  of  Events 

Chris  Shipley, Vice  President/Executive  Producer 

Michele  Zarella,  Director  of  Operations 

Sandra  Gittlen,  Events  Editor 

Neal  Silverman,  Senior  Director  of  Event  Sales 

Andrea  D'Amato,  Sales  Director/Strategic  Partnerships 

Kristin  Ballou-Cianci,  Senior  Event  Sales  Manager 

Sandy  Weill,  Event  Sales  Manager 

Maureen  Riley,  Event  Sales  Manager 

Judy  Tyler,  Sales  Operations  Specialist 

Karyn  Williams,  Managing  Dir.  of  Conference  Development 

Mark  Hollister,  Senior  Director  of  Event  Marketing 

Debra  Becker,  Dir.,  Marketing  &  Audience  Development 

Sara  Evangelous,  Marketing  Manager 

Timothy  Johnson,  Marketing  Specialist 

Tim  DeMeo,  Senior  Operations  Specialist 

ONLINE  SERVICES 


Fusion 

Alonna  Doucette,  Vice  President  Online  Development 
James  Kalbach,  Director,  Online  Services 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 
Kristin  Douglas,  Online  Operations  Manager 
Internet:  adoucette,  jkalbach,  sgutierrez,  dlovell, 
kdouglas@nww.com 

(610)  341-6025/FAX:  (610)  971-0557 _ 


MARKETPLACE 

Response  Card  Decks/MarketPlace 

Richard  Black,  Director  of  Marketplace 
Karima  Zannotti,  Senior  Account  Manager 
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Getting  ready  for  RFID 

RFID  promises  improvements  in  supply-chain  operations 
and  customer  service,  but  there  are  technical  and 
philosophical  hurdles  to  overcome. 


Advantages 

•  Cuts  the  cost  of 
performing  physical 
inventory  checks. 

•  Enables  better  stock 
replenishment  on  store 
shelves. 

•  Reduces  theft  and  fraud 
through  item-level  tracking. 


Obstacles 

•  Privacy  concerns. 

•  Lack  of  standards,  multiple 
transponder  frequencies. 

•Too  few  tools  for  managing 
data  that  RFID  generates  in 
conjuction  with  other 
enterpise  data  systems. 


RFID 

continued  from  page  1 

information  stored  on  the  chips. 
The  decadesold  technology  —  it 
was  used  to  track  aircraft  during 
World  War  II  —  powers  Exxon¬ 
Mobil’s  Speedpass  payment  sys¬ 
tem,  for  example.  It’s  also  com¬ 
monly  used  for  luggage  tagging 
systems  at  airports  and  highway 
toll  collection  systems. 

The  retail  and  consumer  goods 
industry  has  been  abuzz  for  the 
past  couple  of  years  about  RFID’s 
potential  to  improve  supply- 
chain  processes,  and  momen¬ 
tum  is  growing.  At  an  AMR 
Research  retail  and  consumer- 
goods  conference  this  month, 
63%  of  250  attending  executives 
said  they  are  evaluating  elec¬ 
tronic  product  codes  enabled  by 
RFID  technology. 

For  retailers  and  manufacturers, 
RFID  provides  an  alternative  to 
traditional  bar  codes;  garment 
tags  embedded  with  tiny  chips 
and  antennas  store  information 
relating  to  an  item’s  style,  size, 
color  and  intended  destination, 
for  example. 


But  whereas  bar  codes  must  be 
read  one  at  a  time  by  devices 
within  line  of  sight,  RFID  tags  can 
be  read  when  they’re  sitting  in 
closed  boxes.  In  addition,  RFID 
readers  can  scan  multiple  items  at 
once.  Instead  of  unpacking  and 
counting  every  item  in  a  ship¬ 
ment  by  hand,  a  warehouse  em¬ 
ployee  could  scan  the  entire  con¬ 
tents  of  a  sealed  box  in  one  pass. 

The  allure  of  using  RFID  in  the 
supply  chain  is  greater  visibility 
With  RFID-outfitted  merchandise 


—  and  a  means  to  extract  data 
from  RFID  systems  and  feed  it  to 
enterprise  sales,  inventory  and 
warehouse  management  sys¬ 
tems  —  retailers  and  manufac¬ 
turers  could  track  products  from 
distribution  centers  to  store 
shelves  in  order  to  reduce  out-of¬ 
stock  conditions  and  trim  ware¬ 
house  operating  costs.  Ideally, 
sales  and  supply-chain  informa¬ 
tion  would  be  available  in  real 
time  to  retailers  and  manufactur¬ 
ers  responsible  for  estimating 


merchandise  demand. 

Companies  including  CVS,  Gap, 
Procter  &  Gamble  and  Wal-Mart 
have  announced  RFID  pilots  over 
the  past  several  months.  However, 
large-scale  RFID  deployments  by 
retailers  and  their  suppliers  are 
virtually  nonexistent.  When  it  was 
announced  in  March,  the  Philips- 
Benetton  deal  was  big  for  the 
industry 

“By  purchasing  15  million  RFID- 
chipped  tags  from  Philips,  Ben¬ 
etton  becomes  the  first  retailer  to 
push  item-level  RFID  out  of  pilot 
and  into  its  5,000  stores,"  Forrester 
Research  said. 

But  now  Benetton  appears  to 
be  retreating  from  its  RFID  en¬ 
dorsement  after  privacy  objec¬ 
tions.  This  month  the  company 
declared  that  no  microchips  are 
present  in  the  garments  it  pro¬ 
duces  and  sells,  and  that  it  hasn’t 
made  any  decisions  about  using 
RFID.  Benetton  acknowledged  in 
a  statement  that  it  is  analyzing 
RFID  technology  but  emphasized 
“that  no  feasibility  studies  have 
yet  been  undertaken  with  a  view 
to  the  possible  industrial  intro¬ 
duction  of  this  technology’ 

“On  completion  of  all  studies 
on  this  matter,  including  careful 
analysis  of  potential  implica¬ 
tions  relating  to  individual  priva¬ 
cy,  the  company  reserves  the 
right  to  take  the  most  appropri¬ 
ate  decision  to  generate  maxi¬ 
mum  value  for  its  stakeholders 
and  customers,”  Benetton’s  state¬ 
ment  read. 

Adding  to  the  cloud  forming 
over  RFID  is  a  technology  hiccup 
that  another  high-profile  RFID 
adopter,  Gillette,  is  experiencing. 

Gillette  bought  500  million  tags 
—  reportedly  for  less  than  10 
cents  per  tag  —  from  Alien  Tech¬ 
nology  The  deal  encouraged  in¬ 
dustry  watchers,  hoping  the  price 
of  RFID  tags  just  might  get  to  the 
sought-after  nickel-a-tag  level 
believed  to  be  necessary  for 
widespread  adoption. 

But  at  an  IdTechEx  conference 
on  RFID  last  month,  Gillette  said 
the  half-billion  Alien  tags  it 
bought  aren’t  European-compli¬ 
ant  and  that  it  is  conducting  tests 
with  tags  from  Philips  for  possible 
use  overseas. 

Experts  say  it’s  no  surprise  that 
multiple  RFID  systems  might  be 
required  to  meet  regional  fre¬ 
quency  and  power  requirements. 
Laws  regulating  radio  frequency 
differ  in  Asia,  Europe  and  North 
America,  says  Peter  Abell,  re¬ 
search  director  at  AMR. 

“Japan  does  not  even  allow 
UHE  which  is  the  preferred  tag 
frequency  here  in  the  U.S.  and 
would  probably  be  the  preferred 


—  but  at  a  lower  power  —  in 
Europe,”  Abell  says.  Companies 
therefore  need  to  prepare  for  dif¬ 
ferent  frequency  requirements  of 
the  major  continents.  “One  size 
doesn’t  fit  all,  relative  to  this  tech¬ 
nology’  he  says. 

Neither  are  the  privacy  con¬ 
cerns  raised  in  the  Benetton  flap 
a  surprise.  Among  attendees  at 
AMR’s  retail  and  consumer  goods 
conference,  52%  indicated  con¬ 
sumer  concerns  about  privacy 
would  be  the  major  roadblock  in 
the  public’s  acceptance  of  RFID. 

That  both  events  garnered  sig¬ 
nificant  press  coverage  is  an  indi¬ 
cation  that  there  needs  to  be 
better  information  disseminated 
about  RFID. 

“There’s  been  a  lot  of  overhyp¬ 
ing  of  RFID. Some  of  it’s  great, and 
some  of  it’s  doing  injustice  to  the 
industry’  says  Michael  Liard,  a 
senior  analyst  at  technology 
research  firm  Venture  Develop¬ 
ment.  “We  really  need  to,  as  an 
industry  delineate  what  is  real  vs. 
what  is  potential  today  with  RFID 
technology’ 

Meanwhile,  progress  is  being 
made  on  privacy  and  standards 
fronts. 

The  Auto-ID  Center,  an  indus¬ 
try-funded  research  program 
based  at  the  Massachusetts 
Institute  of  Technology  (MIT), 
has  developed  privacy  guide¬ 
lines  for  retailers.  Some  of  those 
guidelines  include  building  a 
“tag-kill”  command  into  RFID 
systems;  notifying  users  that 
electronic  tags  are  present;  and 
providing  consumers  the  option 
to  render  a  chip  nonfunctional. 

On  the  standards  front,  groups 
such  as  Auto-ID  Center  are  work¬ 
ing  to  address  interoperability 
issues.  So,  too,  are  vendors.  MIT 
spinout  ThingMagic  has  devel¬ 
oped  an  RFID  reader  that  can 
handle  multiple  frequencies  and 
power  levels,  Abell  says. 

In  the  end,  neither  Benetton’s 
nor  Gillette’s  issues  will  do  perma¬ 
nent  damage  to  RFID,  analysts  say 

“It’s  not  a  setback  for  the  indus¬ 
try’  Liard  says.  “It’s  just  part  of  the 
normal  maturation  process.” 

The  bad  publicity  won’t  stall 
RFID  development,  says  Jeff 
Woods,  principal  analyst  at  Gart- 
ner.“There  is  a  risk  that  if  the  tech¬ 
nology  remains  overhyped,  peo¬ 
ple  will  have  unrealistic  assump¬ 
tions  about  the  technology  and 
maybe  become  disenfranchised 
with  [it],” he  says.“But  the  poten¬ 
tial  reward  is  so  big  that  we’re 
going  to  continue  to  see  people 
very  interested  in  this.”B 
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Start-up  digs  for  legal  evidence 


■  BY  DENI  CONNOR 

AUSTIN,  TEXAS  —  Start-up  RenewData  is  at  the 
center  of  a  ripe  and  growing  business  as  the  result 
of  government  regulations  aimed  at  uncovering 
corporate  malfeasance,  the  company  recovers 
e-mail  messages  and  files  that  attorneys  and  their 
clients  need  from  the  hundreds  of  tapes  that  busi¬ 
nesses  keep  offsite. 

The  company’s  service  involves  restoring  e-mails 
and  files  cited  in  subpoenas  that  are  stored  on  tape 
that  is  often  difficult  to  recover,  incompatible  and 
nearly  impossible  to  recover.  Because  it  is  difficult  for 
companies  to  recover  data  on  their  own  and  even 
harder  for  them  to  reconstruct  “evidence”  from  the 
thousands  of  tapes  and  disk  drives  they  archive  data 
on.RenewData’s  Active  Vault  service  does  it  for  them. 

Using  proprietary  techniques,  RenewData  sifts 
through  data,  restoring  it  without  duplicating  redun¬ 
dant  files  and  searching  for  pertinent  e-mails  and 
files  that  litigants  want.The  company  then  provides 
the  evidence  to  the  customers  on  whatever  method 
of  storage  they  desire,  for  them  to  use  in  defending 
against  legal  actions  and  documenting  how  transac¬ 
tions  or  chains  of  events  took  place. 

“That’s  been  a  hugely  inefficient  process  for  the 
firms  that  were  compliant  with  the  Securities  and 
Exchange  Commission  Records  Storage  Rule  and 
had  to  retrieve  their  information  that  was  really  inac¬ 
cessible,  unindexable  and  in  incompatible,  unre- 
trievable  formats, "says  Scott  Kursman.vice  president 
and  associate  general  counsel  for  the  Securities 
Industries  Association,  an  organization  that  repre¬ 
sents  the  interests  of  investment  banks,  broker-deal¬ 
ers  and  mutual  fund  companies. 

RenewData  says  that  its  data-recovery  service  also 


is  used  by  financial  industries  that  have  to  comply 
with  SEC  or  other  regulatory  guidelines  for  the 
archiving  of  e-mail  and  other  electronic  documents. 

“Companies  were  not  able  to  produce  the  material 
in  the  time  frame  people  expected, solely  as  a  result 
of  the  format  they  were  being  required  to  keep,” 
Kursman  says.  “That’s  another  pressure  point  —  all 
these  litigation  and  regulatory  pressures.  I’ve  seen 
cases  where  judges  have  cited  the  record-keeping 
parties  in  the  litigation  for  failure  to  conduct  discov¬ 
ery  on  a  prompt  and  efficient  basis.” 

RenewData  also  is  working  on  a  hardware-software 
package  called  ActiveVault  Enterprise  to  solve  the 
problem  of  handing  customer  data  that  they  can’t 
do  anything  with  after  the  litigation  is  past.The  pack¬ 
age  would  consolidate  current  e-mail  and  file  data 
with  that  of  data  RenewData  has  recovered.  Active- 
Vault  Enterprise  will  be  based  on  network-attached 
storage  gear  and  present  current  archived  e-mails  to 
the  user  with  metadata  references,  by  which  they 
can  build  rules  to  query  the  stored  content  to  find 
e-mails  relevant  to  legal  inquiries.  It  works  to  retrieve 
data  required  by  SEC  audits  or  the  Sarbanes-Oxley 
Act  of  2002,  which  affects  the  accounting  practices 
of  publicly  owned  companies. 

ActiveVault  Enterprise  will  continue  to  dedupli¬ 
cate  data  and  store  metadata  references  for  it  in  an 
Oracle  9i  database.  Attorneys  for  companies  then 
can  access  the  data,  extract  documents  that  are  per¬ 
tinent  to  subpoenas  or  discovery  orders,  thus  saving 
money  and  time  in  discovery  costs.  ActiveVault 
Enterprise  will  be  priced  on  the  number  of  terabytes 
stored  and  is  expected  to  be  available  this  summer. 

RenewData’s  service  competes  against  services 
provided  by  Ontrack  Data  Recovery,  911  Forensic 
Data  and  the  Data  Recovery  Group.  ■ 
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ERP  consolidation 

Companies  considering  consolidating  their  ERP  systems 

should  first  weigh  the  advantages  of  centralized  vs. 

decentralized  systems,  according  to  Gartner. 

Why  centralized  ERP? 

•  It's  more  expensive  to  build,  operate  and  maintain  multiple 
production  systems. 

•  Application  functionality  across  multiple  systems  diverges  over 
time,  making  it  difficult  to  get  consistent  views  of  vital  business 
data.This  causes  duplication  of  master  data  describing 
customers,  materials  and  products,  and  it  increases  the  number 
of  reports  and  the  need  for  reconciliation  across  systems. 

•  Globalization  requires  standardized  business  processes 
whenever  possible.  It’s  simpler  to  harmonize  and  standardize 
business  processes  on  a  smaller  number  of  production  systems. 

Why  decentralized  ERP? 

•  Various  business  units  already  have  a  number  of  separate 
ERP  systems  and  are  happy  with  those  solutions. 

•  Corporations  prefer  a  highly  autonomous  approach  to  running 
their  various  business  units,  which  would  make  it  difficult  to 
recentralize. 

•  Companies  will  achieve  minimal  business  value  from 
standardized  ERP  business  processes  —  for  example,  if 
corporate  reporting  for  separate  divisions  is  not  a  priority. 


ERP 
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tackled  are  getting  attention  as 
companies  try  to  squeeze  ineffi¬ 
ciencies  out  of  their  existing  ERP 
systems,  says  Bill  Swanton,  vice 
president  at  AMR  Research. 

Over  the  years  companies 
have  deployed  multiple  versions 
of  their  ERP  software,  in  part  be¬ 
cause  ERP  in  its  early  days  was  a 
site-specific  effort  and  the  soft¬ 
ware  was  difficult  to  scale  to 
very  large  organizations, 
Swanton  says.  Products  were 
limited  in  the  number  of  differ¬ 
ent  languages,  character  sets 
and  country-specific  regulations 
they  could  support  on  the  same 
instance. 

So  companies  deployed  sepa¬ 
rate  applications  for  different  re¬ 
gional  offices  or  business  units, 
each  of  which  made  configura¬ 
tion  decisions  according  to  local 
practices  —  a  division  in  Europe 
might  compute  the  cost  of  goods 
sold  differently  from  a  division  in 
Asia,  for  example.  Heavy  cus¬ 
tomization  was  common. 

“Companies  didn’t  want  to  go 
through  the  hassle  of  trying  to  get 
everyone  to  agree  on  how  to  do 
stuff,  so  each  group  grabbed  their 
licenses  and  ran  and  did  their 
own  thing,” Swanton  says. 

It’s  particularly  common  among 
Oracle  users  to  have  rolled  out 
multiple  ERP  versions  —  but  it’s 
not  limited  to  Oracle  customers, 


Swanton  says.  Users  of  other  ERP 
software  face  many  of  the  same 
implementation  complications. 
(See  related  story  below.) 

Cleanup  time 

“Your  ERP  system  should  be 
something  you  don’t  even  think 
about,”  ViewSonic’s  Moon  says. 
“Do  you  think  about  your  refriger¬ 
ator  running?  No.  Are  you  worried 
your  car  is  going  to  start  in  the 
morning?  No.  Your  ERP  system 
should  be  the  same  way. 
Companies  that  have  to  worry 
about  their  ERP  systems  are 
doing  something  wrong.” 

One  advantage  of  migrating  to 
a  single,  global  ERP  instance  is 
greater  visibility  into  a  compa¬ 
ny’s  worldwide  operations.  A 
timely  view  of  global  inventory 
statistics,  for  example,  could 
eliminate  the  common  paradox 
wherein  a  company  has  one  of 
its  factories  paying  a  supplier 
certain  prices  to  get  a  part  that’s 
in  oversupply  in  another  factory, 
Swanton  says. 

Another  draw  for  multinational 
companies  is  the  ability  to  imple¬ 
ment  shared  services  organiza¬ 
tions  for  financial  functions, 
instead  of  supporting  duplicate 
departments,  such  as  accounts 
receivable  and  accounts  payable, 
in  dozens  of  countries.  Con¬ 
solidating  financial  functions 
could  let  companies  reduce  their 
financial  staff  by  40%  to  60%, 
Swanton  says.Those  are  big,  per¬ 


manent  savings,”  he  says. 

Engineering  change 

CH2M  Hill  is  in  the  early  stages 
of  its  instance  consolidation  pro¬ 
ject.  But  it’s  been  a  long-time 
goal  of  the  Englewood,  Colo., 
firm,  which  provides  services 
including  planning,  engineering 
design,  construction  and  project 
development. 

“We  had  a  vision  of  someday 
going  to  a  global  instance,”  says 
Jim  Butt,  IT  director  for  MIS  at 
CH2M  Hill. “And  Oracle  had  a  lot 
of  ideas  about  where  they  want¬ 
ed  to  take  their  applications  that 
were  consistent  with  our  vision.” 

But  first  CH2M  Hill  had  to  wait 
for  the  technology  to  catch  up  to 
its  vision. 

CH2M  Hill  licensed  Oracle’s 
financials,  projects  and  purchas¬ 
ing  software  in  1993.  Today  the 
firm  runs  four  different  instances 
of  Oracle  software,  three  in  the 
U.S.  and  one  in  Canada.  One  of 
the  U.S.  instances  is  new  — 
Version  1 1.5.7,  running  in  CH2M 
Hill’s  Denver  data  center  —  and  is 
set  to  become  the  company’s 
global  platform. 

While  Oracle  for  some  time  has 
offered  strong  multinational 
capabilities  in  its  financial  appli¬ 
cations,  CH2M  Hill  needed 
robust  multiorganization  capabil¬ 
ities  built  into  Oracle’s  project 
costing  and  billing  modules.  Butt 
says.  “The  center  of  our  universe 
is  a  project,”  he  says.  “We  really 


needed  that  functionality  down 
in  the  projects  module.” 

Specifically,  CH2M  Hill  wanted 
tools  to  simplify  project  account¬ 
ing  procedures  required  when 
the  company’s  subsidiaries  do 
work  for  one  another  —  which 
happens  a  lot,  Butt  says. 

About  two  years  ago,  Oracle 


delivered.  Cross-charging  capabil¬ 
ities  built  into  Oracle’s  current 
applications  will  let  any  sub¬ 
sidiary  make  charges  to  a  project 
owned  by  a  different  subsidiary, 
and  all  the  accounting  is  done 
automatically,  Butt  says. 

The  firm’s  old  way  of  account¬ 
ing  for  intrasubsidiary  services  is 
more  complex.  Five  years  ago, 
CH2M  Hill  built  a  customized 
“affiliate  billing” system  that  oper¬ 
ates  like  an  exchange  mart 
through  which  any  of  CH2M  Hill’s 
entities  can  buy  and  sell  from 
each  other,  Butt  says.’Jt  takes  a  lot 
of  transactions  and  a  lot  of  time," 
he  says.’Jt  has  served  us  well,  but 
now  we  can  have  the  real  thing." 

Before  attempting  to  consoli¬ 
date  its  Oracle  instances,  CH2M 
Hill  tackled  a  different  migration. 
Last  October  the  firm  moved  40 
subsidiaries  that  were  using  J.D. 
Edwards  software  to  a  single 
instance  of  Oracle  1 1.5.7.  What’s 
left  to  do  is  move  the  company’s 
three  remaining  Oracle  instances 
over  to  this  new  platform,  which 
CH2M  Hill  hopes  to  accomplish 
by  year-end. 

“We’re  going  to  have  one  in¬ 
stance,  globally,  for  human 
resources,  payroll,  projects,  pur¬ 
chasing  and  financials,”  Butt  says. 

Prioritizing  process 

Like  CH2M  Hill,  ViewSonic 
made  process  makeovers  the 
centerpiece  of  its  instance 

See  ERP,  page  96 


Is  ERP  consolidation  an  Oracle  phenomenon? 


Instance  consolidation  is  popular  among 
Oracle  customers  for  a  few  reasons, 
says  Bill  Swanton,  vice  president  at 
AMR  Research.  For  one,  users  tended  to 
roll  out  Oracle  software  in  a  fragmented 
way  —  Oracle  basically  encouraged  com¬ 
panies  to  implement  its  software  site  by 
site  and  even  department  by  department, 
he  says. 

In  its  early  days  of  offering  ERP  software, 
Oracle  didn't  have  mature  multinational  fea¬ 
tures.  “Until  seven  or  eight  years  ago, 

Oracle  really  couldn't  have  supported  this 
kind  of  implementation,”  Swanton  says. 

And  lastly,  quality  problems  with  Oracle 
1 1  i  kept  companies  from  upgrading  over  the 
last  t  wo  years,  which  means  many  compa¬ 
res  are  running  old  versions  of  Oracle  soft¬ 
ware  As  the  vendor  prepares  to  freeze  sup¬ 
port  for  Version  10.7,  a  lot  of  Oracle  users 
e  o.  ntemplating  upgrades,  Swanton  says. 
Anri  f  they’re  looking  at  upgrades,  they're 
looking  at  consolidation,”  he  says. 

Oracle  customers  considering  ERP  con¬ 


solidation  need  look  no  further  than  their 
vendor  for  inspiration:  Oracle  is  nearing 
completion  of  a  four-year  effort  to  slash 
the  number  of  instances  it  supports  from 
70  to  one. 

“We  started  with  over  70  financial 
instances,  basically  one  per  country. 

Each  ran  on  separate  boxes  with  sepa¬ 
rate  databases,"  says  Bret  Fuller,  senior 
vice  president  of  IT  for  applications  at 
Oracle.  Oracle  has  whittled  its  systems 
down  to  three  instances,  and  in  October 
it  will  have  one,  global  database  for  all  of 
its  financial  systems.  (Read  the  full  story 
online  at  www.nwfusion.com,  DocFinder: 
5660.) 

Compared  with  Oracle  users,  there  are 
fewer  SAP  customers  undertaking  instance 
consolidation,  Swanton  says. 

But  they  do  exist.  "There  are  plenty  of 
people  looking  at  it  in  SAP,  but  it’s  very 
much  an  Oracle  phenomenon,”  he  says. 

One  reason  instance  consolidation  pro¬ 
jects  are  less  common  among  SAP  users  is 


that  SAP  has  preached  the  benefits  of 
global  ERP  longer  than  its  peers.  SAP  was 
the  first  ERP  vendor  to  start  talking  about 
one  multinational  system,  at  least  10  years 
ago,  Swanton  says.  "Quite  frankly,  what 
drove  a  lot  of  large,  multinational  companies 
to  jump  on  the  SAP  bandwagon  very  early 
is  that  they  could  have  this  idea  of  a  global 
system,"  he  says. 

ERP  consolidation  projects  also  are  less 
common  among  users  of  PeopleSoft,  which 
has  its  roots  in  human  resources.  The  ven¬ 
dor's  human  resources  software  was  con¬ 
ceived  to  consolidate  workforce-related 
tasks  companywide,  so  users  tended  to 
implement  its  software  as  single  instances, 
Swanton  says. 

Many  J.D.  Edwards  rollouts  could  be  ripe 
for  instance  consolidation,  once  the  ven¬ 
dor's  globalization  features  mature,  he  says. 
“They’re  just  at  this  point  getting  ready  to 
be  able  to  deploy  on  a  really  global  basis," 
Swanton  says. 

—  Ann  Bednarz 
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center.  NuContact  Center  is  a 
Linux-based  Dell  server,  running 
a  call-control  and  call-routing 
platform  based  on  SIP  and  pro¬ 
prietary  routing  software.  The 
box  can  be  deployed  across  mul¬ 
tiple  call  centers  and  used  to 
coordinate  voice, e-mail  and  Web 
customer  service  technologies 
into  one  system. 

A  client  “dashboard”  applica¬ 
tion  for  Windows  XP  combines  a 
SIP-based  softphone  with  CRM 
interface  tools,  and  Web/e-mail 
customer  interface  applications 
into  a  view  for  call  center  agents. 
A  USB  headset  is  used  instead  of 
a  desktop  IP  phone. 

Security  scene 

As  always,  security  will  be  a  hot 
topic  at  this  show,  with  several 
VPN  and  intrusion-detection  ven¬ 
dors  introducing  wares. 

Fortinet  and  Resilience  are  add¬ 
ing  automated  intrusion  blocking 


to  their  security  appliances. 

Whereas  Fortinet’s  FortiGates 
previously  have  supported  intru¬ 
sion  detection  and  alarming, 
they  now  can  automatically 
block  the  common  attacks  that 
they  detect.This  feature  is  expect¬ 
ed  to  ship  with  two  new 
FortiGate  hardware  platforms 
that  Fortinet  is  announcing.  The 
company  says  the  feature  will  be 
added  later  to  the  software  of 
existing  FortiGate  products. 

Fortinet  will  announce  two 
new  versions  of  its  FortiGate 
security  appliances,  the  FortiGate 
60  and  FortiGate  1000,  which  add 
intrusion-detection  and  intru¬ 
sion-protection  capabilities  to 
the  platform. 

FortiGate  60  is  designed  for 
branch  offices  and  home  offices, 
and  includes  a  four-port  10/100M 
bit/sec  Ethernet  switch  and  a 
70M  bit/sec  firewall  and  VPN  sup¬ 
port  with  20M  bit/sec  Data 
Encryption  Standard  encryption. 
The  device  has  two  WAN-facing 
Ethernet  ports  for  connecting  to 


separate  Internet  links  to  back  up 
each  other.  It  costs  $  1 ,000. 

FortiGate  1000  is  a  gigabit  fire¬ 
wall  platform  with  an  IP  Security 
VPN  speed  of  250M  bit/sec.  It  has 
four  10/100  ports  that  are  config¬ 
urable  to  connect  to  a  LAN  or  to  a 
secure  network  segment  or  WAN. 
It  also  has  two  copper  Gigabit 
Ethernet  ports.  FortiGate  1000, 
which  costs  about  $123,000,  has  a 
high-availability  port  that  would 
let  two  of  the  devices  be  tied 
together  as  backup. 

Resilience  will  announce  that  its 
Check  Point-based  firewall/VPN 
appliances  also  will  support  Secos 
intrusion  detection.  The  two  soft¬ 
ware  platforms  are  integrated  so 
that  after  detecting  an  intrusion, 
the  Secos  software  can  alter 
Check  Fbint  firewall  settings  to 
block  it.  The  software  also  sends 
notification  of  the  attack  to  an 
administrator  for  further  inspec¬ 
tion  and  logs  the  intrusion.  The 
Resilience  appliances  start  at 
about  $20,000  and  are  expected 
to  be  available  by  midyear. 


fc  ICompanies  that  have 
to  worry  about  their 
ERP  systems  are  doing 
something  wrong.  9  9 

Robert  Moon 

Vice  president  of  information 
services,  ViewSonic 
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consolidation  efforts. 

The  first  time  it  implemented 
Oracle’s  ERP  software,  ViewSonic 
automated  existing  processes, 
customizing  the  software  to 
accommodate  local  practices, 

Moon  says. 

This  time  around,  ViewSonic 
overhauled  its  processes  before 
tackling  technology.  U.S.  project 
team  members  held  weekly  con¬ 
ference  calls  with  their  counter¬ 
parts  in  Europe  and  Asia  to  determine  common 
accounting  practices.  “We  spent  about  two  months 
coming  into  agreement  on  these  business  processes 
and  business  structures  before  we  even  started  any 
Oracle  reimplementation,”  Moon  says. 

Process  drivers  are  critical,  experts  say.  Under¬ 
taking  instance  consolidation  simply  for  the  sake  of 
technology  isn’t  necessarily  a  worthwhile  thing, 
Swanton  says.“There’s  probably  for  most  companies 
a  20"..  to  25%  IT  savings”  to  be  gained  by  instance 
consolidation,  Swanton  says.  “But  that  alone  isn’t 
going  to  justify  spending  the  money  because,  quite 
frankly,  doing  this  is  the  equivalent  of  reimplement¬ 
ing  your  ERP  system.  It’s  a  big  project.” 

Users  agree  that  limiting  customization  also  is  crit¬ 
ical  to  a  successful  ERP  reimplementation. 

CH2M  Hill  put  huge  customizations  in  place  dur¬ 
ing  its  initial  round  of  Oracle  rollouts,  Butt  says.  “We 
have  close  to  1,000  customizations  in  these  four  in¬ 
stances  of  the  financials,"he  says.“Now  we’re  paying 
the  >rice  for  getting  those  all  in  the  same  place.” 

Sin'  lad;.:  ViewSonic  in  its  original  three  Oracle 
imj  ieri  <  stations  had  more  than  500  customiza- 
tion.->  For  its  new  rollout,  ViewSonic  adopted  a  “no 
customizations”  stance,  opting  to 
alter  its  business  processes  rather 
than  tinkei  with  product  code. 


Moon  says. 

In  migrating  to  one  instance  of  Oracle,  ViewSonic 
decommissioned  about  $1  million  in  hardware  and 
slashed  its  IT  staff.  When  Moon  arrived  there  were  36 
people  in  the  IT  organization  responsible  for  main¬ 
taining  Oracle  systems.  He  cut  it  to  14  people  before 
even  starting  the  new  implementation. 

“People  here  were  sort  of  shaking  their  heads,” 
when  he  cut  that  many  Oracle  experts.  Moon  says. 
“They  didn’t  know  if  1  knew  what  1  was  doing  or  not, 
but  they  discovered  I  did.” 

CH2M  Hill,  too,  has  realized  efficiencies  —  even 
though  it’s  still  early  in  its  instance  consolidation 
project.  Migrating  40  business  units  from  the  J.D. 
Edwards  software  to  one  instance  of  Oracle  has  sim¬ 
plified  the  day-to-day  work  of  IT  and  finance  staff. 
“There’s  a  lot  of  business  process  simplification  that 
comes  out  of  this,”  Butt  says. 

Down  the  line,  getting  to  a  single,  global 
instance  will  free  IT  staff  to  do  more  in  other 
areas,  Butt  says. 

“That’s  really  what  the  executive  management 
of  our  company  is  striving  for  —  they  want  us  to 
do  more  with  the  same  resources,”  he  says.“As  the 
company  grows,  they  don’t  want 
the  infrastructure  to  have  to 
grow.”  ■ 
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Also  at  the  show,  ICSA  Labs  will 
announce  plans  for  an  SSL  certi¬ 
fication  program  that  will  in¬ 
clude  evaluating  SSL  remote- 
access  gear.  ICSA  has  written  a 
high-level  outline  of  the  core  ele¬ 
ments  each  product  must  meet 
and  wants  to  gather  input  from 
SSL  product  developers  about 
what  criteria  should  be  included. 

The  certification  program  will 
review  products  for  technical 
performance  and  for  ease  of  use, 
says  Brian  Monkman,  SSL/trans¬ 
port  layer  security  (TLS)  technol¬ 
ogy  program  manager  at  ICSA 
Labs.  “You  can  have  all  the  best 
security  in  the  world  and  if  it’s 
not  easy  to  use,  you  can  still 
screw  it  up,”  he  says. 

The  new  push  by  ICSA  also  will 
include  certification  for  TLS,  an 
IETF-endorsed  encryption  proto¬ 
col  for  IP  traffic  incorporated  in 
newer  versions  of  Microsoft’s  Inter¬ 
net  Explorer  and  other  products. 

The  program  was  suggested  by 
Aventail  and  other  ICSA  cus¬ 
tomers  that  Monkman  declined 
to  name.  He  says  the  SSL  certifi¬ 
cation  will  be  ready  in  the  third 
quarter  and  is  intended  to  serve 
the  same  purpose  as  its  program 
for  firewalls. 

Also  at  the  show,  Neoteris  is 
announcing  an  upgrade  to  its 
Instant  Virtual  Extranet  (IVE)  soft¬ 
ware  that  supports  all  client-server 
applications  over  Internet  SSL  ses¬ 
sions.  Remote  computers  log  on 
to  the  IVE,  and  it  acts  as  a  go- 
between  with  application  servers 
at  a  corporate  site.  Previously  IVE 
had  Java-based  support  for  appli¬ 
cations,  and  this  adds  a  Windows- 
based  application  proxy 

The  upgrade  also  includes  a 
closer  integration  with  Siebei  Sys¬ 
tems  and  Oracle  software.This  lets 


employees  with  the  Johnson 
County  Kansas,  government  reach 
Oracle  ERP  servers  from  remote 
locations,  something  they  could¬ 
n’t  do  before,  says  Aaron  Goff, 
security  manager  for  the  county 
IT  services  department.  Before, 
the  county  used  the  IVE  for 
access  to  file-sharing  and  Web- 
based  applications  for  about  200 
employees,  he  says.  The  Neoteris 
capability  makes  it  unnecessary 
to  buy  the  Oracle  package  that 
enables  remote  access. 

For  securing  Web  services  traf¬ 
fic,  Forum  Systems  will  release  its 
Forum  Sentry  1500  Version  2.0 
appliance.  The  company  has 
added  support  for  the  Security 
Assertion  Markup  Language  to  its 
list  of  authorization  services.  The 
company  also  added  support  for 
WS-Security  and  WS-Routing,  two 
emerging  Web  services  protocols. 
Version  2.0  also  features  enhance¬ 
ments  to  the  filtering  engine  and 
policy  framework.  Pricing  starts  at 
about  $35,000. 

Network  World  Multimedia  Edi¬ 
tor  Jason  Meserve  and  Senior 
Editor  John  Fontana  contributed  to 
this  report. 
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Think  of  it  as 

COMDEX  To  Go 

V  COMDEX  did  not  become  the  country’s  leading  IT  event  by  following. 
Once  again,  we  lead  the  way  by  launching  COMDEX  Innovation  Forums. 


May  21,  2003 


Technology  Transfer 


Bringing  the  latest  technology  closer  to  home: 
COMDEX  Innovation  Forums. 

Future  technologies.  Industry  leaders.  Hot  trends.  The  Forums  bring 
what  you  love  to  where  you  live. 

Led  by  industry  experts,  these  free  half-day  workshops  dive  into  the 
latest  in  information  technology  and  communications. 


Spend  some  time  at  the  Forum, 
save  some  money  on  COMDEX. 

Everyone  who  attends  an  Innovation  Forum  receives  15%  off  their 
COMDEX  Fall  2003  Flex  Pass. 


New  York,  NY _ 

June  2003 
Digital  Convergence 
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San  Jose,  CA 

June  12,  2003 
Autonomic  Computing 


Another  great  reason  to  join  us. 

The  first  25  people  who  register*  for  each  event  receive  a 
free  copy  of  David  Moschella’s  new  book,  Customer-Driven  IT: 
How  Users  Are  Shaping  Technology  Industry  Growth. 


You  go  to  COMDEX  to  find  out  what’s  new. 

Get  to  COMDEX  Innovation  Forums  to  find  out  first. 


June  24,  2003 
Wireless  and  IM 
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Free  to  attend. 

Register  today  at  www.comdex.com/forums 


Visit  our  Web  site  for 
city-specific  details. 


A  Key3Media 
Group  Event 


COMDEX 


INNOVATION  FORUMS 


’Must  be  present  to  receive  book.  BRINGING  TECHNOLOGY  TO  YOU 

Copyright  ©  2003  Key3Media  Events,  Inc.,  5700  Wilshire  Boulevard,  Suite  325,  Los  Angeles,  CA  90036-3659.  All  Rights  Reserved.  CI03-242  3/03 
Key3Media,  COMDEX,  COMDEX  Innovation  Forums,  and  associated  design  marks  and  logos  are  trademarks  or  service  marks  owned  or  used  under  license  by 
Key3Media  Events,  Inc.,  and  may  be  registered  in  the  United  States  and  other  countries.  Other  names  mentioned  may  be  trademarks  or  service  marks  of  their 
respective  owners. 
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BackSpin  m^gm* 

Scams  to  scumware 
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evious.  Duplicitous.  Dissemb¬ 
ling.  Disingenuous.  These  are 
not  words  that  anyone  wants  to 
have  others  use  about  their  behavior. 
Yet  that’s  exactly  the  description  for 
people  on  the  ’Net  who  seem  willing 
to  do  anything  to  make  a  buck. 

The  people  who  regularly  tick  me  off  are  (no  sur¬ 
prise  here)  the  spammers,  those  low-life  imbeciles 
who  will  do  anything  to  get  your  attention.  What 
really  gets  me  going  are  the  subject  lines  they  use 
like:“Re:your  refinance  application." 

Like  I  wouldn’t  know  that  I  didn’t  apply  to  refi¬ 
nance  my  house. 

Spam  is  without  doubt  our  biggest  communica¬ 
tions  problem  and  will  remain  so  for  a  long  time,  but 
my  latest  accumulation  of  venom  is  for  those  com¬ 
panies  who  push  scumware. 

Scumware,  a  topic  that  I  last  wrote  about  in  2001, 
has  been  on  my  mind  since  I  got  hold  of  a  copy  of 
SpySweeper,  published  by  WebRoot  Software. 

Scumware  (also  known  as  spyware,  parasites  and 
several  more  colorful  but  unprintable  names)  is  soft¬ 
ware  that  either  displays  advertisements  (this  is 
called  adware),  or  goes  further  and  tracks  and 
reports  on  your  Web  browsing,  your  keystrokes  or 
anything  else  the  author  has  some  interest  in  know¬ 
ing  (this  is  spyware). 


Adware  is  the  most  common  form  of  scumware. 
Shareware  or  freeware  authors  often  use  it  to  gener¬ 
ate  revenue  from  their  software.The  authors  build 
third-party  adware  components  into  their  programs 
to  display  ads  and  get  a  cut  of  the  ad  revenue.  Ads 
are  displayed  when  the  software  is  running  and,  in 
some  cases,  also  when  it  isn’t. 

Adware  can  be  very  devious.  The  notorious  Gator 
from  Gator  Corp.  actually  hijacks  Web  banners  when 
they  are  displayed  in  your  browser  and  shows  its 
own  banners!  At  best,  that  is  ethically  dubious. 

Scumware  can  be  responsible  for  all  sorts  of  nasty 
things.  It  can  make  your  system  unstable,  degrade 
system  performance,  create  scores  of  copies  of  itself 
to  make  removal  difficult,  force  your  browser’s 
default  home  page  to  point  to  a  site  the  scumware  is 
promoting,  add  advertising  links  to  Web  pages,  make 
your  modem  call  premium-rate  phone  numbers  and 
create  major  security  holes  in  your  system. 

1  thought  I  was  careful  about  what  1  allowed  onto 
my  PC,  but  the  first  time  I  used  SpySweeper  I  found 
14  traces  of  scumware  code  (rather  than  cookies), 
which  included  five  copies  of  Bonzi  Buddy  six 
copies  of  Liveperson  and  one  Webhancer. 

Whether  you  agree  that  these  particular  products 
are  scumware,  the  fact  that  there  are  multiple  copies 
of  many  of  these  programs  is  very  suspicious  —  are 
the  programmers  so  pathetic  that  they  can’t  detect  a 


previous  installation  or  are  they  trying  to  do  some¬ 
thing  else,  such  as  ensure  that  getting  rid  of  the 
scumware  is  as  difficult  as  possible? 

As  for  Webhancer,  it  collects  the  URLs  of  visited 
Web  sites,  records  how  fast  they  load  and  sends  that 
data  to  Webhancer’s  servers.  Webhancer  can  execute 
code  loaded  silently  from  the  company’s  servers, 
and  if  you  try  to  remove  Webhancer, you’ll  often  find 
that  networking  stops  working  (Webhancer  messes 
with  registry  entries). 

In  a  corporate  environment  that  isn’t  locked  down, 
scumware  can  be  found  on  most  PCs  because  users 
don’t  read  end  user  license  agreements  (EULA).and 
even  if  they  did,  they  probably  wouldn’t  understand 
the  implications. 

But  what  I  find  reprehensible  is  that  a  lot  of  scum¬ 
ware  is  installed  by  trickery.  Gator  offers  users  a  util¬ 
ity  that  “synchronizes  your  computer’s  clock  to  the 
U.S.  Atomic  clock  ensuring  you  have  the  correct 
time,”  but  unless  you  read  the  entire  EULA  you  won’t 
know  that  you  also  are  installing  Gator’s  ad-serving 
software.  Worse  still,  that  EULA  can  be  buried  under 
a  EULA  for  another  product  or  service. 

In  a  corporate  environment  the  implications  of 
scumware  are  huge  when  you  consider  the  PC  sta¬ 
bility  and  security  issues  involved. 

Explanations  to  backspin@gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

A  report  from  the  file-swapping  front 

Verizon  has  a  point  about  the  disputed  subpoena, 
even  if  you  believe  —  as  I  do  —  that  the  recording 
industry  is  fighting  the  good  fight  to  keep  large- 
scale  file  swapping  from  eviscerating  the  intellec¬ 
tual  property  rights  of  musicians. 

Verizon  is  balking  at  a  judge’s  decision  issued 
earlier  this  year — and  reaffirmed  by  him  last  week 
—  that  it  must  provide  the  identity  of  a  Verizon  Online  customer  to  lawyers  for 
the  Recording  Industry  Association  of  America  (RIAA).The  customer  was 
allegedly  running  a  Napster-like  service.The  ISP  is  not  claiming  that  it  has  no 
obligation  to  disclose  such  information  —  it's  done  so  in  the  past,  for  example,  in 
spam-related  cases.  Instead,  Verizon  contends  such  subpoenas  should  require 
more  stringent  court  oversight  than  was  the  case  here. 

The  matter  isn't  clear-cut,  as  can  be  gleaned  from  reading  a  Deloitte  & Touche 
report  on  file-swapping  issues  at  www.nwfusion.com,  DocFinder  5649. 

Getting  an  ISP  to  cough  up  the  identity  of  a  customer  should  be  difficult ...  not 
impossible,  but  difficult. This  should  be  so  not  only  because  the  customer  has 
privacy  rights,  but  also  because  ISPs  deserve  protection  from  trivial  requests 
and  fishing  expeditions.  Requiring  that  a  subpoena  seeker  get  a  judge’s  OK  —  as 
opposed  to  a  court  clerk’s  rubber  stamp  —  would  strike  a  reasonable  balance. 

As  for  the  broader  issues  regarding  file-swappers,  much  remains  unresolved. 
The  law  is  not  of  them,  though,  putting  aside  that  subpoena  dispute.The  various 
recries  defended  over  the  years  by  music-swapping  apologists  have  held  up  in 
*  •  about  as  well  as  Iraq's  Elite  Republican  Guard  did  in  Baghdad.  And  that  has 

i :  'a  .  R1AA  critics  with  a  fallback  position  that  boils  down  to  something  like 
thi.s.  Lure,  the  courts  have  said  these  services  are  illegal  if  they  aren't  licensed. 


And  sure  it's  not  our  money.  But  the  recording  industry  ought  to  surrender  any¬ 
way  because,  well,  because  tens  of  millions  of  people  have  downloaded  free 
music  and  tens  of  millions  of  people  can’t  be  wrong.” 

Another  argument  holds  that  if  someone  in  the  industry  would  do  this  right  — 
give  music  fans  what  they  want,  the  way  they  want  it,  at  a  reasonable  price  —  those 
fans  who  now  filch  their  tunes  would  be  perfectly  willing  to  give  up  the  freebies 
and  pay. 

However,  as  the  Deloitte  & Touche  report  notes,  the  pay  services  are  proliferating 
and  getting  more  attractive  all  the  time,  yet  fewer  than  half  a  million  people  are 
ponying  up  for  downloads.  In  other  words,  what  people  tell  pollsters  they’re  willing 
to  do  and  what  they’re  actually  willing  to  do  are  not  necessarily  the  same  thing. 

Which  means  the  RIAA  still  has  a  huge  problem  to  solve. 

If  you’re  militant  one  way  or  the  other  on  this  issue,  the  Deloitte  &  Touche  report 
is  unlikely  to  sway  you. 

However,  the  reasonable  middle  might  find  it  enlightening. 

An  editor  throws  down  the  gauntlet 

The  challenge  from  my  editor  was  irresistible:  "Paul,  I  challenge  you  to  work 
this  word  into  'Net  Buzz." 

The  editor  gets  that  “word  of  the  day”  e-mail  from  Merriam-Webster. ...  He 
didn't  say  I  couldn't  make  up  stuff,  so  here  goes: 

“That  last  Blue  Screen  of  Death  will  be  the  last  Blue  Screen  of  Death,"  Jones 
shouted  mere  seconds  before  tossing  his  PC  out  the  window  in  an  act  of  cathar¬ 
tic  defenestration  that  years  later  still  draws  whistles  of  approval  any  time  net¬ 
work  executives  gather. 

Defenestration  \dee-feh-nuh-STRAY-shun\  noun:  a  throwing  of  a  person  or 
thing  out  of  a  window. 

You  can  toss  comments  and  questions  to  buzz@nww.com 


The  NetVanta  3305  from  ADTRAN 
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Dare  to  Compare! 

NetVanta 

3305 

Industry-Leading 

Brand 

Stateful  Inspection  Firewall 

✓ 

$S$ 

Dual  Network  Interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

$$$ 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Unlimited  Telephone  Support 

✓ 

$$$ 

Free  Maintenance  Releases 

✓ 

Not  Available 

Virtual  Private  Networking 

$ 

$$$ 

Dial  Backup 

$ 

$$$ 

PBX  Connectivity 

$ 

sssss 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


For  some  time  now,  you’ve  been  buying  access  routers  a 
certain  way.  Perhaps  without  giving  it  a  second  thought. 

Now  there’s  good  reason  to  look  around — the  NetVanta  3000 
Series  from  ADTRAN.  These  routers  do  the  same  work  as 
other  brand  name  routers,  at  a  cost  that’s  up  to  55  percent 
less.  Designed  with  a  familiar  CLI,  NetVanta  3000  Series  routers 
fit  seamlessly  into  existing  operations.  No  costly  training  or 
recertification.  Built  to  ADTRAN  quality  standards,  this 
low-cost  alternative  is  backed  by  a  5-year  warranty  and 
free  pre-  and  post-sales  telephone  technical  support. 


Why  pay  more? 


Take  the  CLI  Challenge!  Receive  a  FREE  T-Shirt! 
www.adtran.com/info/whypa  ymore 

877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 
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Experts  choose  ADTRAfT 
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Can  your  antivirus  software  provide  double  the  scanning  power?  Ours  can. 

Making  sure  your  company  is  secure  gets  more  and  more  difficult  every  day.  That's  why  eTrusf“  Antivirus  v7  from  Computer 
Associates  uses  dual  scanning  engines  to  ensure  comprehensive  virus  protection.  It  processes  data  in  real  time  to  search 
out  and  eliminate  viruses,  and  it  also  scans  files  during  prescheduled  and  off-peak  hours.  All  at  the  cost  of  most  single¬ 
engine  AV  products.  It's  more  than  just  twice  the  protection.  It's  twice  the  peace  of  mind.  ca.com/etrust/antivirus 


eTrust™  Antivirus 


Computer  Associates® 


O  2003  Computer  Associates  International,  Inc  (CA)  All  nghts  reserved  eTrust*  Antivirus  was  formerly  known  as  ©Trust'  Inoculate /T“ 


